Call for Paper

CAE solicits original research papers for the July 2021 Edition. Last date of manuscript submission is June 30, 2021.

Read More

An Improved Computer Network Access Control using Free BSD PFSENSE: A Case Study of UMaT Local Area Network

Akpah Sylvester, Michael Asante, Frimpong Twum. Published in Networks.

Communications on Applied Electronics
Year of Publication: 2016
Publisher: Foundation of Computer Science (FCS), NY, USA
Authors: Akpah Sylvester, Michael Asante, Frimpong Twum
10.5120/cae2016652396

Akpah Sylvester, Michael Asante and Frimpong Twum. An Improved Computer Network Access Control using Free BSD PFSENSE: A Case Study of UMaT Local Area Network. Communications on Applied Electronics 6(1):23-27, October 2016. BibTeX

@article{10.5120/cae2016652396,
	author = {Akpah Sylvester and Michael Asante and Frimpong Twum},
	title = {An Improved Computer Network Access Control using Free BSD PFSENSE: A Case Study of UMaT Local Area Network},
	journal = {Communications on Applied Electronics},
	issue_date = {October 2016},
	volume = {6},
	number = {1},
	month = {Oct},
	year = {2016},
	issn = {2394-4714},
	pages = {23-27},
	numpages = {5},
	url = {http://www.caeaccess.org/archives/volume6/number1/666-2016652396},
	doi = {10.5120/cae2016652396},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

Universities in Ghana to which UMaT is no exception are under constant pressure to provide their communities with reliable internet access. As internet connectivity is increasingly becoming a strategic resource, having a robust campus network with good connectivity to the internet is no longer a luxury, but in actual sense now a basic necessity. UMaT has a robust LAN infrastructure which faces some challenges attributable to limited bandwidth of 45 MB, misuse of the bandwidth on low priority bandwidth hungry applications, and lack of effective user access control. This research aimed at studying the behavior patterns of network users and deploy an enhanced network access control using freeBSD pfSense open source software as the dedicated perimeter firewall with the introduction of squid, squidGuard, Squid Analysis Report Generator (SARG) and the setting up of an Active Directory server with user access policies to improve user access control and insulate the LAN from misuse and virus attacks.

References

  1. Abhimanyu K. V. (2012), Basics of Data Communication: Part 7, Available at http://www.itorian.com/search/label/Data%20Communication, Accessed September 7, 2014.
  2. Memon, A. Q., Raza, A. H. and Iqbal, S. (2010) “WLAN Security”, Halmstad University Technical Report IDE 1013, Available at http://www.diva-portal.org/smash/get/diva2:317911/fulltext01, Accessed January 20, 2015.
  3. Simmonds, A., Sandilands, P., and Van Ekert, L. (2004), “An Ontology for Network Security Attacks”, Proc. of the 2nd Asian Applied Computing Conference (AACC), Lecture Notes in Computer Science, Kathmandu, Nepal: Springer Berlin, Vol. 3285, pp. 317-323.
  4. Chapman, D. Brent, Zwicky, Elizabeth D. (1995), Building Internet Firewalls, (O’RIELLY), ISBN 1-56592-124-0, First Edition, November 1995.
  5. Cheswick, W. R., Bollovin, S. M. and Rubin, A. D. (2003). Firewalls and Internet Security: repelling the wily hacker. 2nd edition. Boston: Addison-Wesley Longman Publishing Co., Inc..
  6. Naveen, S. (2007), Network Access Control (NAC) CISSP. Available at http://www.helpnetsecurity.com/2007/11/26/network-access-control-nac, Accessed May 8, 2015
  7. Samarati, P and Vimercati, D. C. D. (2001), “Access Control: Policies, Models, and mechanisms”, Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design (Tutorial Lectures, 2171), London, UK: Springer-Verlag, pp. 137–196.
  8. Bell, D. and LaPadula, L. (1973), “Secure Computer Systems: MTR 2547, MITRE”, Journal of Computer Security, Vol. 4(2), pp. 239-263.
  9. Biba, K. J. (1977), “Integrity Considerations for Secure Computer Systems, Technical report”, АСM SIGOPS Operating Systems Review 38(1), pp. 12-23. 
  10. Lampson, B. W. (1974), “On Protection in Operating Systems”, SIGOPS Oper. Syst. Review, Vol. 8(1), pp.18–24.
  11. Graham, G. S. and Denning, P. J. (1972), “Protection - Principles and Practice, Managing Requirements Knowledge”, Proc. of the Spring Joint Computer Conference, 417 pp.
  12. Baldwin, R. W. (1990), “Role-Based Access Control”, Proc. of the 15th National Computer Security Conference, pp. 554 – 563
  13. Anon. (2004), pfSense Installation, Available at https://doc.pfsense.org/-index.php/Installing_pfSense, Accessed March 5, 2015.
  14. Anon. (1990), Active Directory, Available at http://en.wikipedia.org/wiki-/Active_Directory, Accessed May 20, 2015.

Keywords

Bandwidth; freeBSD; pfSense; Squid; squidGuard; Squid Analysis Report Generator (SARG); Graphical User Interface.