Perry writes:
I believe that between IPSP for the links and MOSS (and SHTTP using MOSS for document security) we should have the whole thing wrapped up in a couple of years. Problems still to solve include security for the internet's routing protocols, protection against denial of service attacks, etc.
Could someone say a bit more about the perceived difficulties associated with secure network routing protocols ? TIA.
I am not at all optimistic about defeating DoS attacks....
It seems to me that many of these attacks can be defeated by anti-spam routines (with exponential time buildup) and economic mechanisms. That is, you pay "credits", which can possibly be based on real money, for each access. When you use them up, you must contact the service to request more. Coupled with authentication, this makes DoS tough because you must request more credits for your ID, however, if you use them up quicker than average, you must justify why you need them again so soon. Anti-spam routines have been successful on IRC and MUDS against DoS. Each "request" is measured against the time since the last request. If the time is less than the delay, the request is denied (and with exponential buildup, you double the delay so that even "needling" attacks where a DoS attack finds your delay and transmits just under that, has trouble) If the resource is disk space, or network memory buffers, or whatever, you impose similar timing sensitive constraints. This covers most spam based DoS. -Ray