Abstract:
Firewall support for UDP traffic today is still insecure and inadequate. We propose in this paper a transport layer proxy (TLP) to provide a secure UDP firewall traversal...Show MoreMetadata
Abstract:
Firewall support for UDP traffic today is still insecure and inadequate. We propose in this paper a transport layer proxy (TLP) to provide a secure UDP firewall traversal service on the transport layer (the TLP supports TCP as well). For each UDP association with endpoints separated by a TLP server, the TLP server performs user-level or host-level authentication, packet filtering, packet relaying, optional network address translation, session logging, timing-out of idle association, and other security-related functions. The core of the TLP is a two-step TLP binding procedure that makes a UDP association stateful between a TLP client and a TLP server. This binding procedure supports Active UDP Open, Passive UDP Open, and Source-Specific UDP Open, which a local program may perform on a UDP socket.
Date of Conference: 01-04 July 2002
Date Added to IEEE Xplore: 07 November 2002
Print ISBN:0-7695-1671-8
Print ISSN: 1530-1346