Self-Securing Devices

Researcher: Greg Ganger

Abstract

Security compromises are a fact of life with crackers, e-mail viruses, self-propagating worms, and DoS attacks. Since no single defense is adequate, security functionality should be distributed among physically distinct components. Inspired by siege warfare, individual devices erect their own security perimeters and defend their own critical resources (e.g., network link or storage media).

Together with conventional OS and firewall defenses, such self-securing devices promise greater flexibility for security administrators dealing with intrusions. By having each device erect an independent security perimeter, the network environment gains many outposts from which to act when under attack. Devices not only protect their own resources, but they can observe, log, and react to the actions of other nearby devices. Infiltration of one security perimeter will compromise only a small fraction of the environment -- other devices can work to dynamically identify the problem, alert still-secured devices about the compromised components, raise the security levels of the environment, and so forth.