保护分布式联网计算机

Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology Pub Date : 2005-10-01 DOI:10.1109/CCST.2005.1594882

L. Pierson, P. Robertson, J. Van Randwyk, T. Toole

{"title":"保护分布式联网计算机","authors":"L. Pierson, P. Robertson, J. Van Randwyk, T. Toole","doi":"10.1109/CCST.2005.1594882","DOIUrl":null,"url":null,"abstract":"Current methods of enforcing security policy depend on security patches, anti-virus protections, and configuration control, all updated in the end user's computer at ever decreasing intervals. This research is producing a method of hardening the corporate computer infrastructure by prototyping a mixed hardware and software architecture that enforces policies by pushing distributed security functions closer to the end user's computer, but without modifying, relying on or reconfiguring the end user's computer itself. Previous research has developed highly secure network components. Because it is impractical to replace our entire infrastructure with secure, trusted components, this paper investigates how to improve the security of a heterogeneous infrastructure composed of both trusted and untrusted components.","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Protection of distributed internetworked computers\",\"authors\":\"L. Pierson, P. Robertson, J. Van Randwyk, T. Toole\",\"doi\":\"10.1109/CCST.2005.1594882\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Current methods of enforcing security policy depend on security patches, anti-virus protections, and configuration control, all updated in the end user's computer at ever decreasing intervals. This research is producing a method of hardening the corporate computer infrastructure by prototyping a mixed hardware and software architecture that enforces policies by pushing distributed security functions closer to the end user's computer, but without modifying, relying on or reconfiguring the end user's computer itself. Previous research has developed highly secure network components. Because it is impractical to replace our entire infrastructure with secure, trusted components, this paper investigates how to improve the security of a heterogeneous infrastructure composed of both trusted and untrusted components.\",\"PeriodicalId\":411051,\"journal\":{\"name\":\"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology\",\"volume\":\"11 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2005.1594882\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2005.1594882","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

当前执行安全策略的方法依赖于安全补丁、反病毒保护和配置控制，所有这些都在最终用户的计算机中以越来越短的间隔更新。这项研究产生了一种强化企业计算机基础设施的方法，通过原型设计一个混合的硬件和软件架构，通过推动分布式安全功能更接近最终用户的计算机来执行策略，但不修改、依赖或重新配置最终用户的计算机本身。以前的研究已经开发出高度安全的网络组件。由于用安全、可信的组件替换我们的整个基础设施是不切实际的，因此本文研究了如何提高由可信和不可信组件组成的异构基础设施的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Protection of distributed internetworked computers

Current methods of enforcing security policy depend on security patches, anti-virus protections, and configuration control, all updated in the end user's computer at ever decreasing intervals. This research is producing a method of hardening the corporate computer infrastructure by prototyping a mixed hardware and software architecture that enforces policies by pushing distributed security functions closer to the end user's computer, but without modifying, relying on or reconfiguring the end user's computer itself. Previous research has developed highly secure network components. Because it is impractical to replace our entire infrastructure with secure, trusted components, this paper investigates how to improve the security of a heterogeneous infrastructure composed of both trusted and untrusted components.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology

自引率

0.00%

发文量