This document is the second of three progress reports concerning the DARPA contract DABT63-95-C-0018 'Internet Safety and Security Task: Internet Safety Through Type-Enforcing Firewalls.' The goals of this project are to assess the security and practicality of DTE firewalls, an advanced firewall technology based on Domain and Type Enforcement (DTE), and to construct a DTE firewall prototype. The first phase of the project demonstrated how DTE firewalls enabled secure ...
Internet-connected organizations often employ an Internet firewall to mitigate risks of system penetration, data theft, data destruction, and other security breaches. Conventional Internet firewalls, however, impose an overly simple inside-vs-outside model of security that is incompatible with many business practices that require extending limited trust to external entities, for example, suppliers, bankers, accountants, advisors, consultants, partners, customers, and allies. Additionally, firewall security perimeters are somewhat weak: they provide no protection ...