New Generation Computing, 21(2003)87-106
Ohmsha, Ltd. and Springer-Verlag
Received 15 November 2002
The rapid growth and penetration of the Internet are now leading us to a world where networks are ubiquitous and everything is connected. Breaking the distance barrier through ubiquitous connection, however, is a two-edged sword. Our network infrastructure today is still fragile and thus "everything is connected" may simply mean "everything can be attacked from any place on the earth."
In this paper, we first point out the importance and inherent problems of software systems that underlie open and extensible networks, especially the Internet. We put emphasis on software since software vulnerabilities account for most attacks, incidents, or even disasters on the Internet today. Next we present general ideas of promising techniques in defense of software systems, including theoretical, language-based, and runtime solutions. Finally, we show our experience in developing a secure mail system.
Keywords: Internet Security, Software Security, Verification and Static Analysis, Language-Based Security, Runtime Monitoring.