On Computer Security and Public Trust
- Murray, William H
- Proceedings of the National Conference on…
This paper proposes a model for evaluating the security of networks of computers. It is about the security of the collection of systems connected, rather than about security of the connecting infrastructure. It proposes that: 1) the networks of interest can be modelled as a collection of abstract single-user single-task machines connected at their user interfaces; 2) the security of such a net can be evaluated by comparing the cost of a successful attack to its value; 3) the cost of attack can be evaluated in terms of the work effort to the attacker and that the value can be evaluated by calculating the how much the success reduces the cost of subsequent attacks. Illustrations are given of how success against one node reduces the cost of attack against other nodes. The paper suggests uses for the proposed model. It recommends network security practices that are suggested by the proposed model. It also suggests additional areas of research.