Toward an internet service provider (ISP) centric security
Price, Patrick D.
MetadataShow full item record
Individual users, businesses, and governments have become functionally dependent on the Internet's connectivity to interact at the most basic levels of social and economic intercourse. Yet self-propagating worms and distributed denial of service attacks have demonstrated that disruption of the Internet infrastructure can be quickly achieved despite the vast knowledge of vulnerabilities and readily available subscriber-based countermeasures. In part, this condition is made possible because networks continue to operate under an obsolete subscriber-centric security paradigm that is based on all end users being trusted to act appropriately. This thesis develops the idea of an Internet Service Provider (ISP)- centric security approach by examining the types, roles, security mechanisms, and operational precepts of ISP's to illustrate their functional control within the infrastructure. Denial of service and worm attacks are detailed to provide the context for an emerging set of conditions that forms the basis of the requirement for the ISP approach. This paper concludes by examining four enabling technologies currently available that, used uniformly, provide ISPs with the framework to implement Internet based security that can serve to enhance the layered defense model and invoke the tenants of best practices.
This thesis was completed in cooperation with the Institute for Information Superiority and Innovation.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Showing items related by title, author, creator and subject.
Xie, Geoffrey (2007-11);This chapter explores the architectural design of the Internet. The main objectives are: (i) highlight the design principles underlying the Internet architecture and explain their roles in the success of the network, and ...
Perri, Richard. (Monterey, California: Naval Postgraduate School, 1999-12);During the mid 90s, data and voice began to merge, propelled by advances in compression technology. The ubiquity of routed Internet Protocol (IP) networks, and the desire to trim telephony costs are the major driving forces ...
Quek, Henry C. (Monterey, California. Naval Postgraduate School, 2000-03-01);Up till today, the Internet only provides best-effort service, where traffic is processed as quickly as possible, with no guarantee as to timeliness or actual delivery. As the Internet develops into a global commercial ...