Name
Abstract | ||
|---|---|---|
Although network security theory forbids many connections to large networks as being too risky, the reality is that large numbers of sensitive systems are connected to the Internet and that connectivity is increasing at a rapid rate. Firewalls and host protection mechanisms are used in a somewhat arbitrary fashion, depending more on the availability of products than on a clear understanding of security principles. We need to expand security theory to protect large networks.This paper proposes a new paradigm for security in large networks, based on an understanding of the sometimes conflicting requirements for security, connectivity and functionality. The paradigm, called FICS-IT, consists of a philosophy, an approach, a framework and a collection of components. It is based on an understanding of security as risk management and includes local resource control; multiple, tailored security policies; layered, functoinal access control; and recognition of heterogeneity in architecture, ownership and policy. |
Year | DOI | Venue |
|---|---|---|
1995 | 10.1109/NSPW.1995.492339 | NSPW |
Keywords | Field | DocType |
architecture,network security theory,local resource control,fics-it,infinite network,layered functional access control,host protection mechanisms,functoinal access control,new paradigm,security theory,tailored security policy,heterogeneity,large network,security principle,functionality,product availability,risk management,sensitive systems,clear understanding,infinite networks,connectivity,risky connections,wide area networks,firewalls,large networks,ownership,security of data,large number,policy,internet,multiple tailored security policies,information security,network security,access control,security policy,data security,computer networks,control systems,information systems | Security convergence,Security testing,Security through obscurity,Asset (computer security),Computer security,Computer science,Security service,Cloud computing security,Security information and event management,Computer security model | Conference |
ISBN | Citations | PageRank |
0-8186-7318-4 | 1 | 0.36 |
References | Authors | |
4 | 2 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Ruth Nelson | 1 | 13 | 4.85 |
| Hilary Hosmer | 2 | 1 | 0.36 |