Accession Number:

ADA402645

Title:

Toward an Internet Service Provider (ISP) Centric Security Approach

Descriptive Note:

Master's thesis

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s):

Report Date:

2002-03-01

Pagination or Media Count:

92.0

Abstract:

Individual users, businesses, and governments have become functionally dependent on the Internets connectivity to interact at the most basic levels of social and economic intercourse. Yet self-propagating worms and distributed denial of service attacks have demonstrated that disruption of the Internet infrastructure can be quickly achieved despite the vast knowledge of vulnerabilities and readily available subscriber-based countermeasures. In part, this condition is made possible because networks continue to operate under an obsolete subscriber-centric security paradigm that is based on all end users being trusted to act appropriately. This thesis develops the idea of an Internet Service Provider ISP- centric security approach by examining the types, roles, security mechanisms, and operational precepts of ISPs to illustrate their functional control within the infrastructure, Denial of service and worm attacks are detailed to provide the context for an emerging set of conditions that forms the basis of the requirement for the ISP approach. This paper concludes by examining four enabling technologies currently available that, used uniformly, provide ISPs with the framework to implement Internet based security that can serve to enhance the layered defense model and invoke the tenants of best practices.

Subject Categories:

  • Computer Programming and Software
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE