Design and Implementation of a Distributed Firewall
Dalila Boughaci (LRIA-USTHB, Algeria), Brahim Oubeka (LRIA-USTHB, Algeria), Abdelkader Aissioui (LRIA-USTHB, Algeria), Habiba Drias (LRIA-USTHB, Algeria) and Belaïd Benhamou (Technopôle de Château-Gombert, France)
Copyright: © 2009
This chapter presents the design and the implementation of a decentralized firewall. The latter uses autonomous agents to control the traffic on the network in a coordinated way. The proposed framework includes a set of controller agents that provide the packet filtering services, a proxy agent that plays the role of a proxy server, and an identifier agent that is responsible for user authentication. The decentralization of the different agents' activities is managed by an administrator agent, which is the core point for launching the most important access control operations. A prototype has been designed and implemented. Furthermore, the authors hope that the underlying framework will inform researchers of a possible way to implement a decentralized firewall to improve the current solution, and will help readers understand the need for techniques and tools such as firewalls that are useful to protect their network traffic.
This section is intended to give the reader a basic understanding of traditional firewalls and software agents.
Key Terms in this Chapter
Packet: Also called a datagram, a piece of a message (data plus destination address) transmitted over a packet-switching network.
Computer Security: Techniques and measures used to protect data stored in a computer or circulated on the network from unauthorized access. Among the security tools, we find firewalls, intrusion detection systems, antivirus, data encryption, and password systems.
Packet Filtering: A technique for controlling access to a network by analyzing packets as they traverse the filtering point and allowing or blocking them based on the IP addresses of the source and destination.
Router: A device that forwards data packets along networks.
Ping: A utility to determine whether a specific IP address is accessible.
IP Spoofing: A technique to gain unauthorized access to a network. The hacker does this by modifying the packet header and then sending messages to a computer with a source IP address indicating that the message is coming from a trusted host.
Network Firewall: A device used to control access between a trusted network and an untrusted network based on certain configured rules.
Hacker: An intruder who gains unauthorized access to a computer system.
Proxy: A relay that sits between a client application and the real server and can intercept all requests on the network. The proxy server effectively hides the true network addresses.
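To make the packet-filtering and IP-spoofing terms concrete, here is an added example (not the chapter's prototype code) of the decision logic a controller agent could apply: source/destination address rules evaluated first-match with a default deny, plus an ingress anti-spoofing check. The internal address block, the rule syntax and the sample policy are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    src: ipaddress.IPv4Network    # matching source addresses
    dst: ipaddress.IPv4Network    # matching destination addresses

@dataclass(frozen=True)
class Packet:
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    ingress: str                  # interface the packet arrived on: "external" or "internal"

# Assumed address block of the protected (trusted) network.
INTERNAL_NET = ipaddress.IPv4Network("192.168.10.0/24")

def parse_rules(text):
    """Parse lines of the form '<action> <src_cidr> <dst_cidr>' into Rule objects (order matters)."""
    rules = []
    for line in text.strip().splitlines():
        action, src, dst = line.split()
        rules.append(Rule(action, ipaddress.IPv4Network(src), ipaddress.IPv4Network(dst)))
    return rules

def mk_packet(src, dst, ingress):
    return Packet(ipaddress.IPv4Address(src), ipaddress.IPv4Address(dst), ingress)

def is_spoofed(pkt):
    # Ingress anti-spoofing: a packet arriving from outside must not claim an internal
    # source address, whatever the rule table says about that address.
    return pkt.ingress == "external" and pkt.src in INTERNAL_NET

def filter_packet(rules, pkt):
    """Return 'allow' or 'deny' for the packet: spoof check, then first matching rule, else deny."""
    if is_spoofed(pkt):
        return "deny"
    for rule in rules:            # first match wins
        if pkt.src in rule.src and pkt.dst in rule.dst:
            return rule.action
    return "deny"                 # default deny: anything not explicitly allowed is blocked

# Constructed sample policy: block a private range, expose one internal host, let insiders out.
SAMPLE_RULES = parse_rules("""
deny  10.0.0.0/8        192.168.10.0/24
allow 0.0.0.0/0         192.168.10.80/32
allow 192.168.10.0/24   0.0.0.0/0
""")
```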