Denial of Service: A Perspective

  • Jonathan K. Millen
Part of the Dependable Computing and Fault-Tolerant Systems book series (DEPENDABLECOMP, volume 9)


The scope of “denial-of-service protection” can be limited by comparing and contrasting it with related concepts. The objectives and general concepts that drive current research have already been clarified to some extent by prior work. We summarize the general conclusions that have emerged, and assess their implications for the development of denial-of-service protection requirements and the guidance of future research.


Keywords: IEEE Computer Society; Fault Tolerance; Congestion Control; Service Request; Malicious Node





Copyright information

© Springer-Verlag/Wien 1995

Authors and Affiliations

  • Jonathan K. Millen (The MITRE Corporation, Bedford, USA)
