The design philosophy of the DARPA internet protocols
SIGCOMM '88 Symposium proceedings on Communications architectures and protocols
Computer System and Network Security
Computer System and Network Security
Security in Computing (4th Edition)
Security in Computing (4th Edition)
Hi-index | 0.00 |
Although systems engineers have developed powerful tools for measuring, modeling, and optimizing system performance, system security is much less well understood. This paper discusses the issue of system security in the context of Internet security and introduces a simple idea called ProgramID. ProgramID is an example of a strategy based on a principle we call think globally, act locally (TGAL), a general principle for distributed, decentralized management of networks. Under the TGAL principle, a combination of simple security strategies acting at a local level can produce measurable increases in global security. ProgramID can be implemented via a simple service that users can add to their operating system to force programs to identify themselves before they can execute. This gives individual computer users an extra layer of protection against malicious programs such as the increasingly prevalent email viruses. Using epidemic-like models, we analyze how global security is impacted when some fraction of Internet users have ProgramID protection.