Fived: A Service-Based Architecture Implementation to Innovate at the Endpoints

Appeared as a poster at ACM SIGCOMM 2010 Conference.

Abstract

Security functions such as access control, encryption and authentication are typically left up to applications on the modern Internet. There is no unified system to implement these critical features. The access control that does exist on the network doesn't integrate well with user authentication systems, so access control decisions are based on the network location of a computer rather than the privilege level of its user. Just about every layer of the Internet provides optional encryption, yet most data on the Internet continues to be sent in the clear. Application developers routinely make mistakes in security critical code leading to bugs that manifest in worms, malware or provide a doorway for actively malicious attackers. We propose a unified session layer that integrates trustworthiness features into the core of the network. This would reverse the fortunes of security on the Internet and lead us toward a safer, more secure global network.

Publication date:
August 2010

Authors:
D J Capelis
Darrell D. E. Long

Projects:
Secure Networks

Available media

Full paper text: PDF

Bibtex entry

@misc{capelis-sigcomm10,
  author       = {D J Capelis and Darrell D. E. Long},
  title        = {Fived: A Service-Based Architecture Implementation to Innovate at the Endpoints},
  howpublished = {Poster in ACM SIGCOMM 2010 Conference},
  month        = aug,
  year         = {2010},
}