I am badly late on this topic, but I couldn't help to comment. Here's a link to public-key based firewall:
http://www.usenix.org/event/usenix07/posters/lindqvist.pdf
The idea is to ditch IP address-based access control lists in firewalls and to favour public-key authentication to support mobile devices. The approach is also based on end-to-end VPN rather than the popular end-to-middle VPNs.
Here's a longer journal article:
http://www.igi-global.com/Bookstore/Article.aspx?TitleId=39054
Slashdot Mirror
I am badly late on this topic, but I couldn't help to comment. Here's a link to public-key based firewall: http://www.usenix.org/event/usenix07/posters/lindqvist.pdf The idea is to ditch IP address-based access control lists in firewalls and to favour public-key authentication to support mobile devices. The approach is also based on end-to-end VPN rather than the popular end-to-middle VPNs. Here's a longer journal article: http://www.igi-global.com/Bookstore/Article.aspx?TitleId=39054