Abstract
The starting point of the present paper is the ongoing transformation of the Information and Communication Technology (ICT) environment and the consequences of this transformation for the choice and realisation of optimal strategies to protect ICT assets against malicious use. Current defence strategies emphasise preventive countermeasures and recovery, devoting less effort to detection and immediate response. This strategy may provide adequate protection for static environments, with fairly well defined actors, borders and trust domains. However, the above assumptions prove invalid in the evolving dynamic environment, exhibiting complex and rapidly changing configurations and trust relationships.
An architectural framework is needed, which can provide stronger support for detection of and efficient response to attacks and is less dependent on preventive, perimeter protection. The core of the concept is tight integration and interaction between applications, protection mechanisms and system management. This change of defence strategy is needed in order to meet security requirements posed by actors in the emerging dynamic ICT environment. The subsequent analysis and discussion will identify the main characteristics of the proposed architecture.
The second part of the paper is devoted to some key issues of trust establishment in open environments, necessary for trust in seamless, pervasive services. An attempt is made to identify experiences from the field of electronic signature infrastructures, which may be applicable to validate trustworthiness of service providers in the wider ICT context. The last section provides suggestions for future work.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Dacier, M. (editor). Design of an Intrusion-Tolerant Intrusion Detection System, Deliverable D10. Maftia European Project 1ST-1999-11583, IBM Zurich Research Laboratory, 2002
Håkan Kvarnström. On the Implementation and Protection of Fraud Detection Systems. Thesis for the degree of doctor of philosophy (ISBN 91-7291-461-0), June 2004, Department of Computer Engineering, Chalmers University of Technology, SE-412 96 G öteborg.
Håkan Kvarnström, Ulf Larsson, Erland Jonsson. New security issues in emerging computing environments — A reflection. Technical Report 04-02. Department of Computer Engineering, Chalmers University of Technology, SE-412 96 G öteborg, Sweden.
ETSI Technical Report, Signature policy for extended business model, TR 102 045 v1.1.1, 2003-03.
ETSI Technical Specification, Provision of harmonised Trust Service Provider status information, TS 102 231vl.l.l, 2003-10.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2004 Friedr. Vieweg & Sohn Verlagsgesellschaft/GWV Fachverlage GmbH, Wiesbaden
About this chapter
Cite this chapter
Endersz, G. (2004). Secure ICT Architectures for Efficient Detection and Response. In: ISSE 2004 — Securing Electronic Business Processes. Vieweg+Teubner Verlag. https://doi.org/10.1007/978-3-322-84984-7_5
Download citation
DOI: https://doi.org/10.1007/978-3-322-84984-7_5
Publisher Name: Vieweg+Teubner Verlag
Print ISBN: 978-3-528-05910-1
Online ISBN: 978-3-322-84984-7
eBook Packages: Springer Book Archive