Network Security Policy Research Articles

Protecting a private network: the AltaVista Firewall

Connecting an organization’s private network to the Internet offers many advantages but also exposes the organization to the threat of an electronic break-in. The AltaVista Firewall 97 for DIGITAL UNIX protects a private network from malicious attack or casual infiltration by screening all internetwork communication. It enforces the organization’s network security policy so that only allowed network traffic can cross the firewall. When installed on a dual- or multihomed host, the AltaVista Firewall applies the principle “that which is not expressly permitted is denied” and uses patented technology to screen each IP packet that attempts to cross it. A highly flexible access control grammar and a comprehensive reporting and alarm system enable the AltaVista Firewall to detect and react to harmful or dangerous events. The AltaVista Firewall also includes an HTML-based user interface to ease configuration and management of the firewall.

Social aspects of telecommunications security policy

This article examines some emerging telecommunications network security policy concerns. It begins by briefly reviewing public key cryptography. A distinction is drawn between secrecy of message content and secrecy of system usage, and a method is proposed to increase security in both areas so that not only does the content of a message remain secret but so too does that fact that a communication was made at all. The approach may also yield new revenue opportunities for public network providers. The conclusion contains observations about network security and national policy.