An Entity of Type: Thing, from Named Graph: http://dbpedia.org, within Data Space: dbpedia.org

A Secure End Node is a trusted, individual computer that temporarily becomes part of a trusted, sensitive, well-managed network and later connects to many other (un)trusted networks/clouds. SEN's cannot communicate good or evil data between the various networks (e.g. exfiltrate sensitive information, ingest malware, etc.). SENs often connect through an untrusted medium (e.g. the Internet) and thus require a secure connection and strong authentication (of the device, software, user, environment, etc.). The amount of trust required (and thus operational, physical, personnel, network, and system security applied) is commensurate with the risk of piracy, tampering, and reverse engineering (within a given threat environment). An essential characteristic of SENs is they cannot persist informatio

Property Value
dbo:abstract
  • A Secure End Node is a trusted, individual computer that temporarily becomes part of a trusted, sensitive, well-managed network and later connects to many other (un)trusted networks/clouds. SEN's cannot communicate good or evil data between the various networks (e.g. exfiltrate sensitive information, ingest malware, etc.). SENs often connect through an untrusted medium (e.g. the Internet) and thus require a secure connection and strong authentication (of the device, software, user, environment, etc.). The amount of trust required (and thus operational, physical, personnel, network, and system security applied) is commensurate with the risk of piracy, tampering, and reverse engineering (within a given threat environment). An essential characteristic of SENs is they cannot persist information as they change between networks (or domains). The remote, private, and secure network might be organization's in-house network or a cloud service. A Secure End Node typically involves authentication of (i.e. establishing trust in) the remote computer's hardware, firmware, software, and/or user. In the future, the device-user's environment (location, activity, other people, etc.) as communicated by means of its (or the network's) trusted sensors (camera, microphone, GPS, radio, etc.) could provide another factor of authentication. A Secure End Node solves/mitigates end node problem. The common, but expensive, technique to deploy SENs is for the network owner to issue known, trusted, unchangeable hardware to users. For example, and assuming apriori access, a laptop's TPM chip can authenticate the hardware (likewise a user's smartcard authenticates the user). A different example is the DoD Software Protection Initiative's Cross Fabric Internet Browsing System that provides browser-only, immutable, anti-tamper thin clients to users Internet browsing. Another example is a non-persistent, remote client that boots over the network. A less secure but very low cost approach is to trust any hardware (corporate, government, personal, or public) but restrict user and network access to a known kernel (computing) and higher software. An implementation of this is a Linux Live CD that creates a stateless, non-persistent client, for example Lightweight Portable Security. A similar system could boot a computer from a flashdrive or be an immutable operating system within a smartphone or tablet. (en)
dbo:wikiPageExternalLink
dbo:wikiPageID
  • 31350212 (xsd:integer)
dbo:wikiPageInterLanguageLink
dbo:wikiPageLength
  • 4514 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID
  • 1106095468 (xsd:integer)
dbo:wikiPageWikiLink
dbp:wikiPageUsesTemplate
dcterms:subject
rdfs:comment
  • A Secure End Node is a trusted, individual computer that temporarily becomes part of a trusted, sensitive, well-managed network and later connects to many other (un)trusted networks/clouds. SEN's cannot communicate good or evil data between the various networks (e.g. exfiltrate sensitive information, ingest malware, etc.). SENs often connect through an untrusted medium (e.g. the Internet) and thus require a secure connection and strong authentication (of the device, software, user, environment, etc.). The amount of trust required (and thus operational, physical, personnel, network, and system security applied) is commensurate with the risk of piracy, tampering, and reverse engineering (within a given threat environment). An essential characteristic of SENs is they cannot persist informatio (en)
rdfs:label
  • Secure end node (en)
owl:sameAs
prov:wasDerivedFrom
foaf:isPrimaryTopicOf
is dbo:wikiPageRedirects of
is dbo:wikiPageWikiLink of
is foaf:primaryTopic of
Powered by OpenLink Virtuoso    This material is Open Knowledge     W3C Semantic Web Technology     This material is Open Knowledge    Valid XHTML + RDFa
This content was extracted from Wikipedia and is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License