A fundamental framework for network security

摘要: The general concept of security in message communications may be traced to the advent human civilization. In contrast, however, automation and control is a recent phenomenon, originating with computer age rapidly gaining importance proliferation networks. With networks integrating dual functions (i) (ii) control, network must address issues inherent both automation. Until recently, research development was strongly linked cryptography including encryption decryption electronic messages. However, as have started proliferate into large, complex, real-world systems, such banking, power grid, proposed intelligent vehicle highway system, authors believe that has transcended traditional definition migrated higher, logical level. current future networks, information riding on parts while turn, ensure correct propagation from source intended destination. Thus, constitute multi-dimensional entities require at different levels hardware software. This paper first reviews literature security, detail. Second, it presents rating model, arrived by consensus, National Security Agency's Network Rating Model (NRM) conference March 1996 subsequent NRM author's group workshop July 1996. Third, proposes fundamental framework for consists eight perspectives nine attributes secure network. approach adopted workshop. perspectives, termed «pillars» this paper, individually provide orthogonal views collectively comprehensive stable structure supports total security. refer characteristics then list efforts high-level intrusion resistance logically argues their need towards A few key areas stressed position include, stability under perturbation, formal proofs correctness algorithms designed (iii) use fuzzy logic thresholds modeling criteria, (iv) dynamicity parameters constituting over time, foil attempts, (v) design innovative schemes aimed reducing performance impact overhead exploiting environment or protocol consideration.