Development and evaluation of a secure web gateway with messaging functionality : utilizing existing ICAP and open-source tools to notify and protect end users from Internet security threats.

摘要

Secure web gateways aim to protect end user systems against web based threats. Manyproprietary commercial systems exist. However, their mechanisms of operation are not generallypublicly known. This project undertook development and evaluation of an open source andstandards based secure web gateway. The proof of concept system developed uses a combinationof open source software (including the Greasyspoon ICAP Server, Squid HTTP proxy, and ClamAntivirus) and Java modules installed on the ICAP server to perform various security tasks thatrange from simple (such as passive content insertion) to more advanced (such as active contentalteration).The makeup of the proof of concept system and the evaluation methodology for both effectivenessand performance are discussed. The effectiveness was tested using comparative analysisof groups of self-browsing high interaction client honey pots (employing a variety of securitymeasures) and recording different system alteration rates. Performance was tested across a widerange of variables to determine the failure conditions and optimal set up for the componentsused.The system developed met the majority of the goals set, and results from testing indicatethat there was an improvement in infection rates over unprotected systems. Performance levelsattained were suitable for small scale deployments, but optimization is necessary for larger scaledeployments.