Meta-level Firewall

With the advent of technologies such as XML-RPC and SOAP which tunnel remote procedure calls through HTTP traffic encoded as XML a whole new set of security problems has arisen. The traditional firewall which filters IP traffic based on a set of rules concerning source addresses and destinations and other transport layer header information provides no mechanism for dealing with these new types of threats. In this work we propose to build a meta-level firewall that can look inside the traffic at higher levels in the protocol stack and execute filtering code designed to inspect traffic at these higher layers.