Network Security and Trust
For the Internet context, the new solution should look at:
- the interactions between entities, helping to establish a level of trust between the entities such as client hosts, servers, ISPs, applications
- the solutions should also help to trace back, block attacks and contain the attacker and, in the long term, make network hacking, spamming and fraud financially less attractive "businesses”. Among the trustworthy distributed solutions a prominent topic is the blockchain.
We work on network wide and distributed systems of security and trust, such as cooperative firewalling, distributed ledger applications, including experimentation, applications to use cases, releases of open source software as well as the development of new network algorithms.
For the Internet, 5G and 6G, we have created the technology of Customer Edge Switching that provides cooperative firewalls for customer networks. These firewalls manage all communication based on policy and would dissolve the boundary between open and closed networks. Such firewalls can collect and attribute evidence of network attacks providing an end to end solution for wide area trust management.
We study the feasibility of such a network wide trust management system in terms of technology and economies of adoption. We have created a Proof-of-Concept level communications security policy management system and shown that it is feasible to largely automate policy creation and allow personification of the policies.
We classify our work in terms of deployability – a typical requirement is that an adoption decision of a solution should make sense for a single selfish investor irrespective of what anyone else is doing. We argue that making significant progress on the issues of trust and security is increasing in importance with the advent of 5G and Beyond 5G era when Information technology is used to read the real world and program events it. In this era physical safety will depend on IT and as a result networks are pushed to the forefront of national security.