Alain Mayer scite author profile

In recent years packet-filtering firewalls have seen some impressive technological advances (e.g., stateful inspection, transparency, performance, etc.) and wide-spread deployment. In contrast, firewall and security management technology is lacking. In this paper we present Firmato, a firewall management toolkit, with the following distinguishing properties and components: (1) an entityrelationship model containing, in a unified form, global knowledge of the security policy and of the network topology; (2) a model definition language, which we use as an interface to define an instance of the entity-relationship model; (3) a model compiler, translating the global knowledge of the model into firewall-specific configuration files; and (4) a graphical firewall rule illustrator.We implemented a prototype of our toolkit to work with several commercially available firewall products. This prototype was used to control an operational firewall for several months. We believe that our approach is an important step toward streamlining the process of configuring and managing firewalls, especially in complex, multi-firewall installations.

show abstract

Fang: a firewall analysis engine

Mayer¹,

Wool²,

Ziskind³

172

124

View full text Add to dashboard Cite

How to make personalized web browsing simple, secure, and anonymous

Gabber¹,

Gibbons²,

Matias³

et al. 1997

117

View full text Add to dashboard Cite

Abstract. An increasing number of web-sites require users to establish an account before they can access the information stored on that site (\personalized web browsing"). Typically, the user is required to provide at least a unique username, a secret password and an e-mail address. Establishing accounts at multiple web-sites is a tedious task. A securityand privacy-aware user may h a ve t o i n vent a distinct username and a secure password, both unrelated to his/her identity, for each w eb-site. The user may also desire mechanisms for anonymous e-mail. Besides the information that the user supplies voluntarily to the web-site, additional information about the user may o w ( i n voluntarily) from the user's site to the web-site, due to the nature of the HTTP protocol and the cookie mechanism.This paper describes the Janus Personalized Web Anonymizer, which makes personalized web browsing simple, secure and anonymous by providing convenient solutions to each of the above problems. Janus serves as an intermediary entity b e t ween a user and a web-site. Given a user and a web-site, Janus automatically generates an alias { typically a username, a password and an e-mail address { that can be used to establish an anonymous account at the web-site. Di erent aliases are generated for each user, web-site pair however the same alias is presented whenever a particular user visits a particular web-site. Janus frees the user from the burden of inventing and memorizing distinct usernames and secure passwords for each w eb-site, and guarantees that an alias (including an e-mail address) does not reveal the true identity of the user. Janus also provides mechanisms to complete an anonymous e-mail exchange from a web-site to a user, and lters the information-ow of the HTTP protocol to preserve user privacy. T h us Janus provides simultaneous user identi cation and user privacy, as required for anonymous personalized web browsing.

show abstract

Time-optimal message-efficient work performance in the presence of faults

Prisco

Mayer

Yung

1994

View full text Add to dashboard Cite

Performing work in parallel by a multitude of processes in a distributed environment is currently a fast growing area of computer applications (due to its cost effectiveness). Adaptation of such applications to changes in system's parallelism (i.e., the availability of processes) is essential for improved performance and reliability y. In this work we consider one aspect of coping with dynamic processes failures in such a setting, namely the following scenario formulated by Dwork, Halpern and Waarts [DH W92]: a system of n synchronous processes that communicate only by sending messages to one another. These processes must perform m independent units of work. Processes may fail by crashing and wait-freeness is required, i.e. that whenever at least one process survives, all m units of work will be performed.We consider the notion of fast algorithms in this setting, yet we are not willing to trade improved time for a high cost in communication.Thus, we require message efficiency as well. We therefore put forth the notion of lexicographic eflciency, that is we consider the following two complexity measures in order: The parallel processor step (or S for short) as introduced by Kanellakis and Shvartsman [KS89] in the context of robust PRAM and the number of messages sent (denoted M).We present an algorithm which has S = O(m + (f + l)n) (where f denotes the actual number of failures) and prove that this is optimal (in absolute terms in all fault scenarios). Furthermore, the algorithm has M= O((f + l)n) and hence is the first messageeficient algorithm with optimal S. This is a step in understanding lexicographic efficiency, and towards solving the open problem in [DHW92] of simultaneously optimizing time and messages.

show abstract

Consistent, yet anonymous, Web access with LPWA

Gabber¹,

Gibbons²,

Kristol³

et al. 1999

Commun. ACM

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Alain Mayer

Firmato: a novel firewall management toolkit

Fang: a firewall analysis engine

How to make personalized web browsing simple, secure, and anonymous

Time-optimal message-efficient work performance in the presence of faults

Consistent, yet anonymous, Web access with LPWA

Contact Info

Product

Resources

About