Alain J. Mayer

Firmato : A novel firewall management toolkit

In recent years packet-filtering firewalls have seen some impressive technological advances (e.g., stateful inspection, transparency, performance, etc.) and wide-spread deployment. In contrast, firewall and security <i>management</i> technology is lacking. In this paper we present <i>Firmato</i>, a firewall management toolkit, with the following distinguishing properties and components: (1) an entity-relationship model containing, in a unified form, global knowledge of the security policy and of the network topology; (2) a model definition language, which we use as an interface to define an instance of the entity-relationship model; (3) a model compiler, translating the global knowledge of the model into firewall-specific configuration files; and (4) a graphical firewall rule illustrator. We implemented a prototype of our toolkit to work with several commercially available firewall products. This prototype was used to control an operational firewall for several months. We believe that our approach is an important step toward streamlining the process of configuring and managing firewalls, especially in complex, multi-firewall installations.

How to Make Personalized Web Browising Simple, Secure, and Anonymous

An increasing number of web-sites require users to establish an account before they can access the information stored on that site (“personalized web browsing”). Typically, the user is required to provide at least a unique username, a secret password and an e-mail address. Establishing accounts at multiple web-sites is a tedious task. A security-and privacy-aware user may have to invent a distinct username and a secure password, both unrelated to his/her identity, for each web-site. The user may also desire mechanisms for anonymous e-mail. Besides the information that the user supplies voluntarily to the web-site, additional information about the user may flow (involuntarily) from the users site to the web-site, due to the nature of the HTTP protocol and the cookie mechanism.

Firmato: a novel firewall management toolkit

In recent years, packet filtering firewalls have seen some impressive technological advances (e.g., stateful inspection, transparency, performance, etc.) and widespread deployment. In contrast, firewall and security management technology is lacking. We present Firmato, a firewall management toolkit, with the following distinguishing properties and components: (1) an entity relationship model containing, in a unified form, global knowledge of the security policy and of the network topology; (2) a model definition language, which we use as an interface to define an instance of the entity relationship model; (3) a model compiler translating the global knowledge of the model into firewall-specific configuration files; and (4) a graphical firewall rule illustrator. We demonstrate Firmatos capabilities on a realistic example, thus showing that firewall management can be done successfully at an appropriate level of abstraction. We implemented our toolkit to work with a commercially available firewall product. We believe that our approach is an important step towards streamlining the process of configuring and managing firewalls, especially in complex, multi firewall installations.

Consistent, yet anonymous, Web access with LPWA

In recent years the World Wide Web WWW has become an immensely popular and powerful medium To attract more users many web sites o er personalized services whereby users identify themselves and register their information preferences On return visits they conveniently receive a personalized selection of information However personalized services raise user concerns with respect to convenience and privacy

On the security of pay-per-click and other Web advertising schemes

We present a hit inflation attack on pay-per-click Web advertising schemes. Our attack is virtually impossible for the program provider to detect conclusively, regardless of whether the provider is a third-party ‘ad network’ or the target of the click itself. If practiced widely, this attack could accelerate a move away from pay-per-click programs and toward programs in which referrers are paid only if the referred user subsequently makes a purchase (pay-per-sale) or engages in other substantial activity at the target site (pay-per-lead). We also briefly discuss the lack of auditability inherent in these schemes.

Offline firewall analysis

Practically every corporation that is connected to the Internet has at least one firewall, and often many more. However, the protection that these firewalls provide is only as good as the policy they are configured to implement. Therefore, testing, auditing, or reverse-engineering existing firewall configurations are important components of every corporation’s network security practice. Unfortunately, this is easier said than done. Firewall configuration files are written in notoriously hard to read languages, using vendor-specific GUIs. A tool that is sorely missing in the arsenal of firewall administrators and auditors is one that allows them to analyze the policy on a firewall.To alleviate some of these difficulties, we designed and implemented two generations of novel firewall analysis tools, which allow the administrator to easily discover and test the global firewall policy. Our tools use a minimal description of the network topology, and directly parse the various vendor-specific low-level configuration files. A key feature of our tools is that they are passive: no packets are sent, and the analysis is performed offline, on a machine that is separate from the firewall itself. A typical question our tools can answer is “from which machines can our DMZ be reached, and with which services?.” Thus, our tools complement existing vulnerability analyzers and port scanners, as they can be used before a policy is actually deployed, and they operate on a more understandable level of abstraction. This paper describes the design and architecture of these tools, their evolution from a research prototype to a commercial product, and the lessons we have learned along the way.

Time-optimal message-efficient work performance in the presence of faults

Method and apparatus for determining diameter and wall thickness of hollow microspheres or shells wherein terminal velocities of shells traveling in fluid-filled conduits of differing diameters are measured. A wall-effect factor is determined as a ratio of the terminal velocities, and shell outside diameter may then be ascertained as a predetermined empirical function of wall-effect factor. For shells of known outside diameter, wall thickness may then be ascertained as a predetermined empirical function of terminal velocity in either conduit.

The complexity of word problems—this time with interleaving

Abstract We consider regular expressions extended with the interleaving operator, and investigate the complexity of membership and inequivalence problems for these expressions. For expressions using the operators union, concatenation, Kleene star, and interleaving, we show that the inequivalence problem (deciding whether two given expressions do not describe the same set of words) is complete for exponential space. Without Kleene star, we show that the inequivalence problem is complete for the class Σp2 at the second level of the polynomial-time hierarchy. Certain cases of the membership problem (deciding whether a given word is in the language described by a given expression) are shown to be NP-complete. It is also shown that certain languages can be described exponentially more succinctly by using interleaving.

Curbing Junk E-Mail via Secure Classification

We introduce a new method and system to curb junk e-mail by employing extended e-mail addresses. It enables a party to use her (core) e-mail address with different extensions and consequently classify incoming e-mail messages according to the extension they were sent to. Our contributions are threefold: First, we identify the components of a system that realizes the concept of extended e-mail addresses and investigate the functionality of these components in a manner which is backwards compatible to current e-mail tools. Secondly, we specify an adversarial model, and give the necessary properties of extended e-mail addresses and of the procedure to obtain them in the presence of the adversary. Finally, we design cryptographic functions that enable realizing extended e-mail addresses which satisfy these properties.

On secure and pseudonymous client-relationships with multiple servers

This paper introduces a cryptographic engine, Janus, which assists clients in establishing and maintaining secure and pseudonymous relationships with multiple servers. The setting is such that clients reside on a particular subnet (e.g., corporate intranet, ISP) and the servers reside anywhere on the Internet. The Janus engine allows each client-server relationship to use either weak or strong authentication on each interaction. At the same time, each interaction preserves privacy by neither revealing a clients true identity (except for the subnet) nor the set of servers with which a particular client interacts. Furthermore, clients do not need any secure long-term memory, enabling scalability and mobility. The interaction model extends to allow servers to send data back to clients via e-mail at a later date. Hence, our results complement the functionality of current network anonymity tools and remailers. The paper also describes the design and implementation of the Lucent Personalized Web Assistant (LPWA), which is a practical system that provides secure and pseudonymous relations with multiple servers on the Internet. LPWA employs the Janus function to generate site-specific person , which consist of alias usernames, passwords, and e-mail addresses.