So far there are few organized ideas at this site on network security. Unlike security within a single computer, which I consider largely solved, I don't have an answer for comprehensive network security, not even an untested idea. There are a variety of network security issues sketched here, but those are not much assimilated.

Solution Fragments

The issue of availability looms very large in Network security. I include availability under security for how safe is a network you can't use? If physical attacks are the only threat to availability then the ARPA net design is quite good. It seems more vulnerable to logical attacks, however, than other more traditional net designs.

My answer to computer security is to identify and minimize the TCB so as to make it understandable and get the code right. I don't know how to do this for the distributed network.

Place!!One solved network security problem is ensuring secrets are kept. Several forms of crypto capability schemes provide strong, "simple on the outside" authentication and secrecy.