Institutional Repository

A proposal for dynamic access lists for TCP/IP packet filtering

Show simple item record Hazelhurst, S
dc.contributor.editor Renaud, K.
dc.contributor.editor Kotze, P
dc.contributor.editor Barnard, A 2018-08-23T09:54:52Z 2018-08-23T09:54:52Z 2001
dc.identifier.citation Hazelhurst, S. (2001) A proposal for dynamic access lists for TCP/IP packet filtering. Hardware, Software and Peopleware: Proceedings of the Annual Conference of the South African Institute of Computer Scientists and Information Technologists, University of South Africa, Pretoria, 25-28 September 2001 en
dc.identifier.isbn 1-86888-195-4
dc.description.abstract The use of IP filtering to improve system security is well established, and although limited in what it can achieve has proved to be efficient and effective. In the design of a security policy there is always a trade-off between usability and security. Static access lists make finding a balance particularly stark. Dynamic access lists would allow the rules to change for short periods of time, and to allow local changes by non-experts. The network administrator can set basic security guidelines which allow certain basic services only. All other services are restricted, but users are able to request temporary exceptions in order to allow additional access to the network. These exceptions are granted depending on the privileges of the user. This paper covers the following topics: ( 1) basic introduction to TCP/IP filtering; (2) semantics for dynamic access lists and; ( 3) a proposed protocol for allowing dynamic access; and ( 4) a method for representing access lists so that dynamic update and look-up can be done efficiently. en
dc.language.iso en en
dc.subject Firewalls en
dc.subject TCP/IP filtering en
dc.title A proposal for dynamic access lists for TCP/IP packet filtering en

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search UnisaIR


My Account