Implementing a distributed firewall
Proceedings of the 7th ACM conference on Computer and communications security
Architecture and Applications for a Distributed Embedded Firewall
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Generating Policies for Defense in Depth
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Trapping Malicious Insiders in the SPDR Web
HICSS '09 Proceedings of the 42nd Hawaii International Conference on System Sciences
Virtual Private Groups for Protecting Critical Infrastructure Networks
CATCH '09 Proceedings of the 2009 Cybersecurity Applications & Technology Conference for Homeland Security
Hi-index | 0.00 |
The process control system (PCS) owner can no longer rely on a physical air gap and custom hardware to protect her network from attack. Demand for greater visibility into PCS operations, coupled with greater use of commodity hardware, now exposes the PCS network to the same threats facing other networks. To address these threats, we argue for the deployment of prevention-based, host-resident, network layer devices, coupled with scalable, service-based management, that will not only protect PCS communications but will also support higher level reasoning about PCS trustworthiness. We explain why the modern PCS network is particularly well-suited for this approach, and we highlight where our own research supports this claim.