Infrastructure-level trust-based protection for security-concerned systems and their communications

As many distributed mission-critical systems have taken advantage of Internet connectivity, malicious cyber attacks seriously threat the availability of such systems, due to the lack of infrastructure-level protection on the Internet. In this paper, we propose a trust-based protection framework to address this issue. To encourage users to secure their systems and gradually remove pervasive security issues on end systems, we argue that we should have positive mechanisms to award more secure systems, e.g., by enabling better service for these systems. Since mission-critical systems are usually well-managed and more secure than common user systems, the proposed framework enables the network infrastructure to provide better network services for these more trusted systems. This position paper simply outlines the key components of the framework and discusses related research issues. We are working on the full design and analysis.