NDLI: On the Self-Protection of Firewalls and Distributed Intrusion Detection Systems

Please wait, while we are loading the content...

On the Self-Protection of Firewalls and Distributed Intrusion Detection Systems

Content Provider	Semantic Scholar
Author	Hedbom, Hans
Copyright Year	2001
Abstract	Distributed computing is performed by allowing a possibly large number of interconnectedentities to process distributed information. The complexity of these systemsincreases the risk of exposing information to unauthorized parties and opens up the possibilityof new threats and new vulnerabilities. Thus, the security of the systems cannot beprovided by the local computer, but is dependent on the security of all the computers andcommunication channels involved. In order to counter these new threats, security extensions,such as firewalls and intrusion detection systems, are often added to the system.However, to be more effective the extensions need to reflect the structure of the systemthey should protect, i.e. they must cooperate or wherever appropriate be distributed themselves.One aspect which is often neglected in this context is that the introduction of securityextensions may in itself introduce new vulnerabilities. This comes from the fact thatthe extensions rely on sensitive information in order to work properly. Another aspect isthat commonly used operating systems do not provide a trustworthy platform for the security extensions, so the security can not be based on the security of the underlying system.One way to solve this problem is to let the extension take care of its own protection, i.e. provide self-protection. This thesis addresses the self-protection problem and discusses the avoidance of the risks and dangers associated with the use of security extensions. One specific issue of self-protection is studied in particular, namely that of protecting the detection policy of a distributed intrusion detection system. A protection method using one-way functions is proposed.
File Format	PDF HTM / HTML
Alternate Webpage(s)	http://www.ce.chalmers.se/research/Security/Publications/pubs/hanslic.pdf
Language	English
Access Restriction	Open
Content Type	Text
Resource Type	Article

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in