[ Last changed: 27th January 1997 ]
Distributed computer networks of unlimited extensibility and scale will evolve over the next decade. On behalf of their users, a huge variety of computers systems will offer, request and exchange services in an immense international open trading enterprise where there can be no central authority and no ubiquitous security infrastructure. This seminar will present a view that to meet the challenge we must take a radically different approach to computer security. It will argue for a change of emphasis, away from enforcement of administrator imposed security policies through an infrastructure, towards a regime of self-defence by individual service providers. It will discuss the policy nuances, required mechanisms and protocol design consequences that would follow from this change of direction.