The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.01 - Jan.-Feb. (2013 vol.11)
pp: 23-31
Edward G. Amoroso , AT&T Labs
ABSTRACT
The enterprise perimeter has exhibited gradual trust degradation owing to a succession of connectivity decisions involving Web, email, virtual private networking, exceptions, and mobile networks as well as a succession of threats including malware and advanced persistent threats (APTs). The author proposes restoring trust to the enterprise by focusing protection strategies on a set of prioritized assets. The protections center on three zones: a client zone, a network zone with network-based carrier protection services, and a cloud zone with third-party attested security heavily indexed toward identity and access management services. The resultant enterprise network is more resilient to leakage attacks such as APTs.
INDEX TERMS
Cloud computing, Computer security, Malware, Mobile communication, Virtual private networks, advanced persistent threats, enterprise perimeter, enterprise networks, firewall, intrusion detection system, intrusion prevention system
CITATION
Edward G. Amoroso, "From the Enterprise Perimeter to a Mobility-Enabled Secure Cloud", IEEE Security & Privacy, vol.11, no. 1, pp. 23-31, Jan.-Feb. 2013, doi:10.1109/MSP.2013.8
REFERENCES
1. W. Cheswick and S. Bellovin, Firewalls and Internet Security, Addison-Wesley, 1993.
2. D.E. Bell and L.J. LaPadula,Secure Computer Systems, tech. report MTR-2547, Mitre, Mar.–Dec. 1973.
3. E. Amoroso et al., “Toward an Approach to Measuring Software Trust,” Proc. IEEE Symp. Security and Privacy, IEEE CS, 1991, pp. 198–218.
4. W. Fenson and S. Hill, Implementing and Managing Telework: A Guide for Those Who Make It Happen, Praeger, 2003.
5. T. Cutler, “The Anatomy of an Advanced Persistent Threat,” SecurityWeek,6 Dec. 2010; www.securityweek.comanatomy-advanced-persistent-threat .
6. E. Amoroso, Cyber Attacks: Protecting National Infrastructure, Elsevier, 2010.
7. Trusted Computer System Evaluation Criteria (TCSEC), DoD 5200.28-STF, National Computer Security Center, 1983.
6 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool