Disseminating Security Updates at Internet Scale

Jun Li,Peter Reiher,Gerald J. Popek

Disseminating Security Updates at Internet Scale
Format
Hardback
Publisher
Springer-Verlag New York Inc.
Country
United States
Published
30 November 2002
Pages
157
ISBN
9781402073052

Disseminating Security Updates at Internet Scale

Jun Li,Peter Reiher,Gerald J. Popek

This title is printed to order. This book may have been self-published. If so, we cannot guarantee the quality of the content. In the main most books will have gone through the editing process however some may not. We therefore suggest that you be aware of this before ordering this book. If in doubt check either the author or publisher’s details as we are unable to accept any returns unless they are faulty. Please contact us if you have any questions.

In 1775, Paul Revere, the folk hero of the American Revolution, galloped wildly on horseback through small towns to warn American colonists that the British were coming. In the Internet age, how do we warn vast numbers of computers about impending cyber attacks? Rapid and widespread dissemination of security updates throughout the Internet would be invaluable for many purposes, including sending early-warning signals, distributing new virus signatures, updating certificate revocation lists, dispatching event information for intrusion detection systems and so forth. However, notifying a large number of machines securely, quickly, and with high assurance is very challenging. Such a system must compete with the propagation of threats, handle complexities in large-scale environments, address interruption attacks toward dissemination, and also secure itself. This work describes an alternative system, Revere , that addresses these problems. Revere builds large-scale, self-organizing and resilient overlay networks on top of the Internet to push security updates from dissemination centers to individual nodes. It also sets up repository servers for individual nodes to pull missed security updates. This book further discusses how to protect this push-and-pull dissemination procedure and how to secure Revere overlay networks, considering possible attacks and countermeasures. The book presents experimental measurements of a prototype implementation of Revere gathered using a large-scale oriented approach. These measurements suggest that Revere can deliver security updates at the required scale, speed and resiliency for a reasonable cost. The text is designed to meet the needs of researchers and practitioners in industry and graduate students in computer science. It should also be helpful to those trying to design peer systems at large scale when security is a concern, since many of the issues faced by these designs are also faced by Revere. The Revere solutions may not always be appropriate for other peer systems with very different goals, but the analysis of the problems and possible solutions discussed here should be helpful in designing a customized approach for such systems.

This item is not currently in-stock. It can be ordered online and is expected to ship in 7-14 days

Our stock data is updated periodically, and availability may change throughout the day for in-demand items. Please call the relevant shop for the most current stock information. Prices are subject to change without notice.

Sign in or become a Readings Member to add this title to a wishlist.