Topic:
Challenges of Distributed Security
What are the research challenges of distributed intrusion protection/detection, performance measurement, management and incident response in a secure dynamic heterogeneous networking environment?
Findings
- Security attacks are increasingly distributed; therefore their detection and defense often require a distributed solution.
- Optical circuit switched paths may cross several administrative domains, adding to the complexity of solutions.
- Traffic flows often take asymmetric paths, making monitoring and control from a single location impossible.
- No current intrusion prevention systems work in the face of distributed asymmetric flows.
- Coordination between incident response groups tends to flow up and down a pyramid with little lateral interaction.
Recommendations
- Optical switched paths provide an opportunity to perform authentication prior to establishing connections.
- Research in distributed intrusion prevention systems.
- Methods should be defined for more direct sharing of performance and incident detection data across domains.
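
An added illustration of the asymmetric-path finding and the data-sharing recommendation (example code, not part of the original findings): two sensors in different domains each see one direction of a TCP flow, and only their merged records classify it correctly. The sensor names, addresses and record format are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample records: (sensor, src, sport, dst, dport, tcp_flags).
# Sensor "A" sits on the client-to-server path, sensor "B" on the return path.
RECORDS = [
    ("A", "10.0.0.5", 40001, "192.0.2.10", 443, "S"),
    ("B", "192.0.2.10", 443, "10.0.0.5", 40001, "SA"),
    ("A", "10.0.0.5", 40001, "192.0.2.10", 443, "A"),
    ("A", "10.0.0.7", 40002, "192.0.2.10", 22, "S"),  # never answered
]


def flow_key(src, sport, dst, dport):
    """Direction-independent key so both halves of a flow land together."""
    return tuple(sorted([(src, sport), (dst, dport)]))


def classify(records):
    """Return {flow_key: state} from the TCP flags each flow was seen with."""
    seen = defaultdict(set)
    for _sensor, src, sport, dst, dport, flags in records:
        seen[flow_key(src, sport, dst, dport)].add(flags)
    states = {}
    for key, flags in seen.items():
        if {"S", "SA", "A"} <= flags:
            states[key] = "established"
        elif "S" in flags and "SA" not in flags:
            states[key] = "syn-without-reply"
        else:
            states[key] = "reply-without-syn"
    return states


def view(records, sensors):
    """Classify using only the records visible to the given sensors."""
    return classify([r for r in records if r[0] in sensors])


if __name__ == "__main__":
    for sensors in ({"A"}, {"B"}, {"A", "B"}):
        print(sorted(sensors), view(RECORDS, sensors))
```

Sensor A alone reports both flows as unanswered SYNs, so it cannot tell the completed connection from the one that never got a reply; the distinction appears only once B's records are merged in.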