 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 9, No. 7, July 2011
Design and Implementation of Internet Protocol Security Filtering Rules in a Network Environment
Alese B.K., Gabriel A.J., Adetunmbi A.O., Department of Computer Science, Federal University of Technology, P.M.B. 704, Akure, Nigeria
Abstract
Internet Protocol Security (IPSec) devices are essential elements in network security which provide traffic filtering, integrity, confidentiality and authentication based on configured security policies. The complexities involved in the handling of these policies can result in policy conflicts that may cause serious security breaches and network vulnerabilities. This paper therefore presents a mathematical model developed for IPSec filtering rules and policies using Boolean expressions. A comprehensive classification of security policy conflicts that might potentially exist in a single IPSec device (intra-policy conflicts) or between different network devices (inter-policy conflicts) in enterprise networks is also presented. All these are implemented in user-friendly interfaces that significantly simplify the management and/or proper configuration of IPSec policies written as filtering rules, while minimizing network vulnerability due to security policy mis-configurations.
Keywords: Anomalies, Conflicts, IPSec, Policy, Protocols.
1. Introduction
The emerging use of TCP/IP networking has led to a global system of interconnected hosts and networks that is commonly referred to as the Internet [9]. The internet was created initially to help foster communications among government-sponsored researchers and grew steadily to include educational institutions, government agencies, and commercial organizations. Having experienced a great advance in the past decades, the Internet has today become the world's largest computer network, doubling in size each year. However, the Internet today has become a popular target to attack. The number of security breaches is in fact rising faster than the growth of the Internet as a whole [9].

A lot of methods, which include access control techniques, passwords, physical protection and encryption/decryption methods, have been used to ensure the overall security of computer networks. However, as researchers kept researching and devising various effective security measures, the cryptanalysts (cyber-criminals) on the other hand kept working out how these security measures could be broken, bypassed, or penetrated. As a result, [1] reported that despite all efforts, finding a concrete solution to network security problems has been a mirage. How painful it is to know that most cybercrimes, which may include identity theft, child pornography, spam, fraud, hacking, denial of service attacks, computer viruses, intellectual property theft and so on, take advantage of loopholes created by IPSec security policy
kaalfad@yahoo.com, aromaforgod@yahoo.com
134 http://sites.google.com/site/ijcsis/ ISSN 1947-5500
 
related problems [1]. Therefore, the effectiveness of the IPSec technology with respect to the security of computer networks is dependent on (1) a thorough understanding of the sources of these conflicts, and (2) providing policy management techniques/tools that enable network administrators to analyze, purify and verify the correctness of written IPSec rules/policies with minimal human intervention.

This paper defines a formal model for IPSec rule relations and their filtering representation, and highlights the single-trigger as well as the multi-trigger semantics of IPSec policies. This paper also presents a comprehensive classification of conflicts that could exist in a single IPSec gateway (intra-policy conflicts) or between different IPSec gateways (inter-policy conflicts) in enterprise networks, with a view to enhancing the identification of such conflicts. Finally, a brief description of the implementation is presented.

2. Internet Protocol Security (IPSec) Policy Background

IPSec policy is a list of ordered filtering rules that define the actions performed on matching packets [9][10]. A rule is composed of filtering fields (also called network fields) such as protocol type, source IP address, destination IP address, source port and destination port, and a filter action field. Each network field could be a single value or a range of values. Filtering actions are one of the following:

- Protect: for secure transmission of packets in and/or out of the secured network
- Bypass: for insecure transmission
- Discard: to drop the traffic (cause the packets to be discarded).

A packet is protected or discarded, as the case may be, by a specific rule if the packet header information matches all the network fields of this rule. Otherwise, the next following rule is used to test the matching with this packet again. This process is repeated until a matching rule is found. If no matching rule is found, the assumption here is that the traffic is dropped/discarded.
2.1 The Basic Filtering Rule Format
The most commonly used matching fields in IPSec filtering rules are: protocol type, source IP address, source port, destination IP address and destination port [9][5]. Below is a common packet filtering rule format in an IPSec policy:

<order> <protocol> <src_ip> <src_port> <dst_ip> <dst_port> <action>

Where:

- order of a rule determines its position relative to other filtering rules.
- protocol specifies the transport protocol of the packet, and can be one of these values: IP, ICMP, IGMP, TCP or UDP.
- src_ip and dst_ip specify the IP addresses of the source and destination of the packet respectively.
- src_port and dst_port fields specify the port address of the source and destination of the packet respectively. The port can be a single specific port number or any port number, indicated by "any".
- action specifies the action to be taken when a packet matches a rule.

The protocol, src_ip, src_port, dst_ip, and dst_port fields can be referred to as "network fields" or the 5-tuple filter.
As an illustration, the following security policy is to discard/block all UDP traffic coming from the network 130.192.36.* except HTTP:

1: udp, 130.192.36.*, any, *.*.*.*, 80, protect
2: udp, 130.192.36.*, any, *.*.*.*, any, discard
2.2 Related Work 
Although IPSec has been deployed for many years, none of the related research works have used formal methods to comprehensively identify IPSec policy conflicts and also provide algorithms for the management (detection and resolution) of these conflicts. [11] is a related work that proposed a simulation technique for detecting and reporting IPSec policy violations. The technique considered just one of the many forms of policy conflicts. [3] studied the policy conflicts particular to firewalls that are limited to only "accept" and "deny" actions. [8] is a related work that used a query-based approach to analyze firewall policies. However, they all have limited usability, as they require high user expertise to write the queries needed to identify different policy problems. Other work in this area addresses general management policies rather than filtering policies. Although this work is very useful as general background, it cannot be directly used for IPSec conflict discovery. Another work worthy of recognition is that of [6]. The authors used Boolean expressions and ordered binary decision diagrams for their modelling, representation and analysis of policies. This, however, might not be very comprehensible to every user. There is every need for a comprehensive conflict analysis framework for IPSec policies using formal techniques.

3. IPSec Policy Modelling

In order to successfully enhance the effectiveness of any IPSec device, there is a need to first model the relations and representation of IPSec rules in the policy. Such a model should be complete and easy to implement and use. Rule relation modelling is necessary for the analysis of IPSec policies and for designing management techniques such as conflict detection and rule editing. The rules or policy representation modelling is important for implementing these management techniques and visualizing the IPSec policy structure. This section describes formally the proposed model of IPSec rule relations and policies.
 
3.1 Modelling IPSec Rule Relations
[3] asserted that, as rules are matched sequentially, the inter-rule relation or dependency is critical for determining any conflict in the security policy. In other words, if the rules are disjoint (no inter-rule relation), then any rule ordering in the security policy is valid. Therefore, classifying all types of possible relations between filtering rules is a first step to understanding the source of conflicts due to policy mis-configuration. Although [6] did extensive work on the rule relations that could exist in IPSec policies, this particular paper goes ahead to present a single model that captures all these rule relations.
Definition 1: Rules Rul_x and Rul_y are exactly matched if and only if every field in Rul_x is equal to the corresponding field in Rul_y.

Definition 2: Rules Rul_x and Rul_y are inclusively matched if they do not exactly match and if and only if every field in Rul_x is a subset of or equal to the corresponding field in Rul_y. In this relation, Rul_x is called the subset match while Rul_y is called the superset match.
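The rule format of section 2.1, its illustration policy and Definitions 1 and 2 above, worked through as an added example that is not part of the paper: it parses the paper's rule format, applies first-match semantics with the paper's default of discarding unmatched traffic, and classifies a rule pair as exactly or inclusively matched. Treating the protocol value IP as a superset of the other protocols, treating "*" wildcards as trailing octets only, and comparing only the five network fields in the relation check are assumptions of this example.

```python
import ipaddress
from collections import namedtuple
# A rule is its position, its 5-tuple of network fields (proto, src, sport, dst, dport) and its action
Rule = namedtuple("Rule", "order fields action")

def _net(text):
    """'130.192.36.*' -> 130.192.36.0/24, '*.*.*.*' -> 0.0.0.0/0 (assumes trailing wildcards only)."""
    octets = text.split(".")
    stars = sum(o == "*" for o in octets)
    return ipaddress.ip_network(".".join("0" if o == "*" else o for o in octets) + f"/{32 - 8 * stars}")

def _port(text):
    """Port field: a single port or 'any' (the whole range), kept as an inclusive (low, high) pair."""
    return (0, 65535) if text == "any" else (int(text), int(text))

def parse_rule(line):
    """Parse the paper's format '<order>: <proto>, <src_ip>, <src_port>, <dst_ip>, <dst_port>, <action>'."""
    order, rest = line.split(":", 1)
    proto, src, sport, dst, dport, action = [t.strip() for t in rest.split(",")]
    return Rule(int(order), (proto, _net(src), _port(sport), _net(dst), _port(dport)), action)

def _subset(a, b):
    """Field-level 'subset or equal'. Assumption: protocol 'ip' is the superset of every protocol."""
    if isinstance(a, str):
        return a == b or b == "ip"
    if isinstance(a, tuple):
        return b[0] <= a[0] and a[1] <= b[1]
    return a.subnet_of(b)

def relation(rx, ry):
    """Definition 1 -> 'exact'; Definition 2 (rx is the subset match, ry the superset match) -> 'inclusive'.
    Only the network fields are compared (assumption); the caller compares actions separately."""
    if rx.fields == ry.fields:
        return "exact"
    if all(_subset(a, b) for a, b in zip(rx.fields, ry.fields)):
        return "inclusive"
    return None

def decide(policy, proto, src, sport, dst, dport):
    """First-match semantics: a packet is a degenerate rule, and it matches a rule when every packet
    field is a subset of the rule's field. With no match the paper assumes the packet is discarded."""
    pkt = (proto, ipaddress.ip_network(src), (sport, sport), ipaddress.ip_network(dst), (dport, dport))
    for rule in sorted(policy, key=lambda r: r.order):
        if all(_subset(p, f) for p, f in zip(pkt, rule.fields)):
            return rule.action
    return "discard"

# The paper's illustration policy from section 2.1 (constructed sample input)
POLICY = [parse_rule("1: udp, 130.192.36.*, any, *.*.*.*, 80, protect"),
          parse_rule("2: udp, 130.192.36.*, any, *.*.*.*, any, discard")]
```

Running decide() on the same two rules with their order swapped returns discard for the port-80 traffic, which is the ordering dependency the inter-rule relation of section 3.1 is meant to expose.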