Sidewinder: Defense in depth using type enforcement
نویسنده
چکیده
Sites use firewalls to defend against external attacks while providing necessary Internet services. Firewalls make a site safer: they present a smaller risk since they provide fewer services. However, most firewalls use standard computer operating systems. This can allow an attacker to overrun the firewall if a known security flaw is present. The Sidewinder firewall system overcomes this problem using type enforcement. Network server applications operate in independently controlled compartments called domains, each granted specific permissions to access particular types of files or communicate with other domains. If a server succumbs to an attack, type enforcement restricts the amount of damage an attacker can do. In particular, Sidewinder prevents an attack on an Internet server from accessing domains serving internal, protected networks. An attacker can not overrun a Sidewinder because the type enforcement restrictions can not be disabled while the system is handling network traffic.
منابع مشابه
Identify the most common psychological traumas and defense mechanisms of the treatment staff during coronavirus outbreaks
Background: The families of medical staff experience many psychological traumas in coronavirus crisis situations. Identifying and treating the most common family trauma's treatment staff and their defense mechanisms can help reduce their trauma. Method: This research was conducted in terms of applied purpose and with a qualitative approach and interpretive phenomenological method. The research...
متن کاملExpression of Caytaxin Protein in Cayman Ataxia Mouse Models Correlates with Phenotype Severity
Caytaxin is a highly-conserved protein, which is encoded by the Atcay/ATCAY gene. Mutations in Atcay/ATCAY have been identified as causative of cerebellar disorders such as the rare hereditary disease Cayman ataxia in humans, generalized dystonia in the dystonic (dt) rat, and marked motor defects in three ataxic mouse lines. While several lines of evidence suggest that Caytaxin plays a critical...
متن کاملGenetic and Molecular Dissection of Blast Resistance in Rice Using RFLP, Simple Sequence Repeats and Defense-Related Candidate Gene Markers
Blast, Pyricularia grisea (Cooke) Sacc., is one of the most destructive diseases of rice worldwide and canresult in significant reductions in yield. The use of resistant cultivars is the most economical and effectiveway of controlling rice blast. A variety of DNA markers, including plant defense-related candidategene markers are available for genetic characterization and molec...
متن کاملPaleogeographic and tectonic implications of Jurassic sedimentary and volcanic sequences in the central Mojave block
Sedimentologic, stratigraphic, and geochronologic data from strata of early Mesozoic age in the central Mojave block elucidate the paleogeographic and tectonic evolution of the magmatic arc in the southern U.S. Cordillera. A sequence of calcareous siltstone, volcaniclastic conglomerate, tuff, and quartzose sandstone records the transition from shallow-marine rocks of the Fairview Valley Formati...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Int. Journal of Network Management
دوره 5 شماره
صفحات -
تاریخ انتشار 1995