Abstract
In this paper we identify a number of security problems encountered in open, untrusted networks and motivate why some of these problems are going to remain with us for the foreseeable future. In order to reduce system vulnerability in such environments, we suggest that network services should provide a second line of defense to catch those attackers who are not excluded by the first line --- the conventional signon process. Part of this fallback position could adapt anomaly detection (a concept borrowed from conventional network intrusion detection systems) to provide a means of gradually and continuously authenticating users and modulating their access rights accordingly.