• DocumentCode
    3386543
  • Title

    Security for infinite networks

  • Author

    Nelson, Ruth ; Hosmer, Hilary

  • Author_Institution
    Information Syst. Security, Watertown, MA, USA
  • fYear
    1995
  • fDate
    22-25 Aug 1995
  • Firstpage
    11
  • Lastpage
    19
  • Abstract
    Although network security theory forbids many connections to large networks as being too risky, the reality is that large numbers of sensitive systems are connected to the Internet and that connectivity is increasing at a rapid rate. Firewalls and host protection mechanisms are used in a somewhat arbitrary fashion, depending more on the availability of products than on a clear understanding of security principles. We need to expand security theory to protect large networks. This paper proposes a new paradigm for security in large networks, based on an understanding of the sometimes conflicting requirements for security, connectivity and functionality. The paradigm, called FICS-IT (Functional, Information, and Connection Security for Information Technology), consists of a philosophy, an approach, a framework and a collection of components. It is based on an understanding of security as risk management and includes: local resource control; multiple, tailored security policies; layered, functional access control; and recognition of heterogeneity in architecture, ownership and policy
  • Keywords
    risk management; security of data; wide area networks; FICS-IT; Internet; architecture; connectivity; firewalls; functionality; heterogeneity; host protection mechanisms; infinite networks; large networks; layered functional access control; local resource control; multiple tailored security policies; network security theory; ownership; policy; product availability; risk management; risky connections; sensitive systems; Access control; Centralized control; Computer networks; Contracts; Control systems; Data security; Information security; Information systems; Protection; Risk management;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    New Security Paradigms Workshop, 1995. Proceedings
  • Conference_Location
    La Jolla, CA
  • Print_ISBN
    0-8186-7318-4
  • Type

    conf

  • DOI
    10.1109/NSPW.1995.492339
  • Filename
    492339