Many emerging applications (e.g., teleconference, real-time information services, pay per view, distributed interactive simulation, and collaborative work) are based upon a group communications model, i.e., they require packet delivery from one or more authorized senders to a very large number of authorized receivers. As a result, securing group communications (i.e., providing confidentiality, integrity, and authenticity of messages delivered between group members) will become a critical networking issue. In this paper, we present a novel solution to the scalability problem of group/multicast key management. We formalize the notion of a secure group as a triple (U, K, R) where U denotes a set of users, K a set of keys held by the users, and R a user-key relation. We then introduce key graphs to specify secure groups. For a special class of key graphs, we present three strategies for securely distributing rekey messages after a join/leave, and specify protocols for joining and leaving a secure group. The rekeying strategies and join/leave protocols are implemented in a prototype group key server we have built. We present measurement results from experiments and discuss performance comparisons. We show that our group key management service, using any of the three rekeying strategies, is scalable to large groups with frequent joins and leaves. In particular, the average measured processing time per join/leave increases linearly with the logarithm of group size.
The 4.2 Berkeley Software Distribution of the Unix operating system (4.2BSD for short) features an extensive body of software based on the TCP/IP family of protocols. In particular, each 4.2BSD system trusts some set of other systems, allowing users logged into trusted systems to execute commands via a TCP/IP network without supplying a password. These notes describe how the design of TCP/IP and the 4.2BSD implementation allow users on untrusted and possibly very distant hosts to masquerade as users on trusted hosts. Bell Labs has a growing TCP/IP network connecting machines with varying security needs; perhaps steps should be taken to reduce their vulnerability to each other.
An artificial immune system is described which incorporates many properties of natural immune systems, including diversity, distributed computation, error tolerance, dynamic learning and adaptation and self-monitoring…
Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised…
AAFID is a distributed intrusion detection architecture and system, developed in CERIAS at Purdue University. AAFID was the first architecture that proposed the use of autonomous agents for doing intrusion detection…
State politico-military are re-evaluating definitions of state security and threats posed to it by the Internet. Numerous initiatives have been undertaken at state-level to attempt to limit the possible consequences of information warfare…
Computer network attacks are a relatively recent phenomenon. CNA have been tentatively described as operations to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves…
The Internet has brought with it a whole revolution and new challenges that were previously unanticipated. Countries, both small and large, face a myriad of challenges in the legal, policy, and technical realms…
Critical infrastructure protection is not only a national problem but, because so many parts of the infrastructure are connected, it’s also a global one and international fora such as this will go a long way, we believe, in helping us deal with this significant challenge…
The concept of one event happening before another in a distributed system is examined, and is shown to define a partial ordering of the events. A distributed algorithm is given for synchronizing a system of logical clocks which can be used to totally order the events…
The Intrusion Detection and Response Data Sharing Workshop, held at the University of California at Davis on July 15, 1998, had three goals. First, identify the needs of practitioners and researchers and identify opportunities for co-operation. Secondly, broker exchanges of research prototypes and better products to practitioners, and real incident data to researchers. Thirdly, provide funding agencies with a set of hard research problems for possible future funding.
The Computer Misuse Detection System is a computer security product that enables real-time detection of unauthorized computer use through audit data analysis. Audit data analysis is a non-invasive method for security assurance that may be used to detect computer misuse and mitigate security risks in large, distributed, open architecture environments…