There were some very smart guys about 30 years ago who "knew" security.
They had it figured out. It came down to a secure kernel, and from that secure kernel they developed a reference monitor model and successfully tested this model in Multix.
Another good read, google for "What is there to worry about? An introduction to the computer security problem?" -- by Brinkley & Schnell
Some of the guys who knew what this game we call security is all about are:
Willis Ware Donald Brinkley Roger Schnell Ross Anderson
Now this does not directly answer your question...but these guys say that a firewall SHOULD NOT run at the application level. Certainly the material changes the way we as Info Sec, Info Assurance, Info Tech. professionals THINK about security...
Slashdot Mirror
There were some very smart guys about 30 years ago who "knew" security.
They had it figured out. It came down to a secure kernel, and from that secure kernel they developed a reference monitor model and successfully tested this model in Multix.
Another good read, google for "What is there to worry about? An introduction to the computer security problem?" -- by Brinkley & Schnell
Some of the guys who knew what this game we call security is all about are:
Willis Ware
Donald Brinkley
Roger Schnell
Ross Anderson
Now this does not directly answer your question...but these guys say that a firewall SHOULD NOT run at the application level. Certainly the material changes the way we as Info Sec, Info Assurance, Info Tech. professionals THINK about security...