First European Symposium On Research In Computer Security (ESORICS 90)
An Architecture for a Trusted Network
E. Stewart Lee, Brian Thomson, Peter I. P. Boulton, Michael Stumm
Abstract: The thesis of this research is that the network is the logical entity to enforce a network security policy. The alternative is to attempt to enforce a network security policy in the trusted computing bases (TCBs) of the attached hosts. The latter requires the adoption of a single-system approach, for which it is argued that there are several disadvantages. A Trusted Network Architecture (TNA) that enforces a network security policy within the network to ensure confidential communications is described. It is claimed that TNA is resistant to all known confidentiality attacks except those based on denial of service. An architecture for the network is described, with considerable detail being devoted to the handling of encryption keys.