Target naming and service apoptosis

Abstract

The volume of traffic on security mailing lists, bulletin boards, news forums, et cetera has grown so sharply in recent times that it is no longer feasible for a systems administrator to follow all relevant news as a background task; it has become a full-time job. Even when relevant information does eventually reach the systems administrator, there is, often a dangerous window between public knowledge of a vulnerability and the administrators ability to correct it. Automated responses mechanisms are the key to closing these vulnerability windows. We propose a database of likely areas of vulnerability, called targets, in a machine readable and filterable manner so that administrators can greatly reduce the amount of security mail to be read. We then propose a cryptographically secure service with which semi-trusted third parties can act in a manner limited by the system administrator, say shutting down a specific service while not allowing general access, to diminish the window of vulnerability.