Usability and Security of Personal Firewalls
Authors
Abstract
Effective security of a personal firewall depends on (1) the rule granularity and the implementation of the rule enforcement and (2) the correctness and granularity of user decisions at the time of an alert. A misconfigured or loosely configured firewall may be more dangerous than no firewall at all because of the user’s false sense of security. This study assesses effective security of 13 personal firewalls by comparing possible granularity of rules as well as the usability of rule set-up and its influence on security. In order to evaluate usability, we have submitted each firewall to use cases that require user decisions and cause rule creation. In order to evaluate the firewalls’ security, we analysed the created rules. In addition, we ran a port scan and replaced a legitimate, network-enabled application with another program to assess the firewalls’ behaviour in misuse cases. We have conducted a cognitive walkthrough paying special attention to user guidance and user decision support. We conclude that a stronger emphasis on user guidance, on conveying the design of the personal firewall application, on the principle of least privilege and on implications of default settings would greatly enhance both usability and security of personal firewalls.
Similar resources
Managing Distributed Personal Firewalls with Smart Data Servers
Modern security architectures tend to become more and more complex. Not only the chances to improve Web applications using several data channels and diverse (TCP-)ports are very promising, but also the risks for criminal attacks and an intrusion into the corporate network are increasing. The classical solution to protect networks against criminal attacks with firewalls is problematic, though. O...
Detecting and Blocking Unauthorized Access in Wi-Fi Networks
Academic and commercial 802.11 hotspots often use an SSL-secured captive portal to authenticate clients. Captive portals provide good usability and interoperability, but poor security. After a captive portal has authenticated a client, session hijacking and freeloading allow attackers to capture or use the client’s session. Freeloading does not require special tools and, surprisingly, is strengt...
Thinking About Firewalls
Many companies connect to the Internet, guarded by "firewalls" designed to prevent unauthorized access to their private networks. Despite this general goal, many firewalls fall widely apart on a continuum between ease of use and security. This paper attempts to describe some of the background and tradeoffs in designing firewalls. A vocabulary for firewalls and their components is offered, to pr...
Performance and Information Security Evaluation with Firewalls
Firewalls are an essential part of any information security system, being the first defense line against security attacks. The see-saw effect between firewalls and network performance is most concerning to network users; where strict security settings result in weak network performance and permeant security settings allow for a stronger one. Hence, evaluating firewall platforms and their impact ...
Poster: Expectations, Perceptions, and Misconceptions of Personal Firewalls
Personal firewalls are recognized as the first line of defense for personal computers. However, the protection they afford depends strongly on their correct configuration [4]. Therefore, their usability is key to their effectiveness. In particular, as users become increasingly mobile, it is important for them to be able to judge whether their computer is secure enough for the usage context at h...