Firewall Wizards mailing list archives
Re: The Future of Security
From: Damir Rajnovic <drajnovi () cisco com>
Date: Tue, 07 Dec 1999 08:08:04 +0000
Hello there, At 10:59 06/12/1999 -0800, David LeBlanc wrote:
So, I expect the processing power of these Java-enabled gizmos to be as small as possible, which also tells me that the IP stack isn't going to be sophisticated, and experience tells me that means they are probably prone to DoS attacks. Next, we're talking about basing the security of these devices on some sort of ACL, yet they are supposed to 'discover' one another. Discovery implies 2 things - one is that they will be chatty, and the other is that they will respond to requests for at least a minimal
See http://www.cl.cam.ac.uk/~fms27/duckling/ This paper addresses some of your questions. The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks Frank Stajano and Ross Anderson In the near future, many personal electronic devices will be able to communicate with each other over a short range wireless channel. We investigate the principal security issues for such an environment. Our discussion is based on the concrete example of a thermometer that makes its readings available to other nodes over the air. Some lessons learned from this example appear to be quite general to ad-hoc networks, and rather different from what we have come to expect in more conventional systems: denial of service, the goals of authentication, and the problems of naming all need re-examination. We present the resurrecting duckling security policy model, which describes secure transient association of a device with multiple serialised owners. Cheers, Gaus ============ Damir Rajnovic <drajnovi () cisco com> Cisco PSIRT Manager Team URL: <http://www-tac.cisco.com/Teams/PSIRT/> Phone: +44 20 8756 9731 Mobile: +44 7715 546 033 4 The Square, Stockley Park, Uxbridge, MIDDLESEX UB11 1BN, GB ============ There is no insolvable problems. Question remanins: can you acceppt the solution?
Current thread:
- RE: The Future of Security, (continued)
- RE: The Future of Security David LeBlanc (Dec 06)
- Re: The Future of Security Rick Smith (Dec 03)
- Re: The Future of Security David LeBlanc (Dec 06)
- RE: The Future of Security Scott, Richard (Dec 03)
- RE: The Future of Security Scott, Richard (Dec 05)
- RE: The Future of Security R. DuFresne (Dec 06)
- Re: The Future of Security ark (Dec 06)
- RE: The Future of Security Rick Smith (Dec 06)
- Re: The Future of Security Randy Witlicki (Dec 06)
- Re: The Future of Security David LeBlanc (Dec 06)
- Re: The Future of Security Damir Rajnovic (Dec 07)
- Re: The Future of Security David LeBlanc (Dec 06)
- RE: The Future of Security LeGrow, Matt (Dec 08)