With the increase in information and data accessibility, there is a growing concern for security and privacy of data. In large corporate Intranets, the insider attack is a major security problem. Numerous studies have shown that unauthorized accesses, in particular by insiders, pose a major security threat for distributed enterprise environments. This problem is highly magnified in a multi-domain environment that spans multiple enterprises collaborating to meet their business requirements. The challenge is in developing new or extending existing security models for efficient security management and administration in multi-domain environments that allow extensive interoperation among individuals or systems belonging to different security domains.

In this dissertation, we have addressed the issue of secure interoperation from policy management perspective. In particular, we have developed a policy-based framework that allows secure information and resource sharing in multi-domain environments supporting both tightly-coupled and loosely-coupled collaborations. The level of coupling in such environments is characterized by the degree of interoperation, the level of trust among domains, and the security, autonomy, and privacy requirements of the collaborating domains. The proposed framework provides efficient solutions and strategies for ensuring secure interoperation in both tightly-coupled and loosely-coupled multi-domain environments. This framework is designed for distributed systems that employ role based access control (RBAC) policies, and therefore addresses the secure interoperability requirements of emerging distributed application systems.

Voice over IP (VoIP) systems are gaining in popularity as the technology for transmitting voice traffic over IP networks. As the popularity of VoIP systems increases, they are being subjected to different kinds of intrusions some of which are specific to such systems and some which follow a general pattern of IP attacks. VoIP systems pose several new challenges to Intrusion Detection System (IDS) designers. First, these systems employ multiple protocols for call management (e.g., SIP) and data delivery (e.g., RTP). Second, the systems are distributed in nature and employ distributed clients, servers and proxies. Third, the attacks to such systems span a large class, from denial of service to billing fraud attacks. Finally, the systems are heterogeneous, have soft real time requirements, and are typically under several different administrative domains. In this paper, we propose the design of an intrusion detection system targeted to VoIP systems, called SPACEDIVE. SPACEDIVE is structured to detect different classes of intrusions, including, masquerading, denial of service, and media stream-based attacks. It can be installed at multiple points

On the evening of 2 November 1988, someone infected the Internet with a worm program. That program exploited flaws in utility programs based on BSD-derived versions of UNIX. The flaws allowed the program to break into those machhines and copy itself, thus infecting those systems. Thi sprogram eventually spread to thousands of machines , and disrupted normal activities and Internet connectivity for many days. This report gives a detailed description of the components of the worm program-data and functions. It is based on a study of two completely independent reverse-compilations of the worm and a version disassembled to VAX assembly language. Almost no source code is given in the paper because of current concerns about the state of the “immune system” of Internet hosts, but the description should be detailed enough to allow the reader to understand the behavior of the program.  The paper contains a review of the securty flaws exploited by the worm program, and gives some recommendations on how to eliminate or mitigate their future use. The report also includes and analysis of the coding style and methods used by the author(s) of the worm , and draw some conclusions about his abilities and intent.