Location: Flying to Las Vegas for Interop
First, my apologies for being quiet for a while. Had a crazy two weeks that required me to do my full-time job much more than full time.
While I have a number of topics in the queue, I wanted to take a run today at a few of the comments and questions that emerged from my Security post.
Here’s a few that capture the tone of the dialog:
Many wrote “…Where would you put security to insure payload integrity?”
BigBaadBob wrote “Actually, the thing I think is MOST forgotten is that the threat models are fundamentally different from those in the past scenarios you cite.”
LSC wrote “The transport network should be concerned with connectivity, Quality of Service and protecting the integrity of the network itself (as opposed to trying to protect the endpoints: users, devices and applications) - but maybe that is exactly what you refer to as ‘network security’.”
I love this kind of dialog, where we begin to see that the word “Security” is a complex and fundamental topic that is not solved by a silver bullet of any single technology. In the communications environment, for us to achieve any realistic security posture we must look holistically at the problem to find the solution. I won’t offer a silver bullet (see above…none exists), but I would like to take a few minutes to expand on some of the comments and ideas in the dialog.
A few years ago, I spent a lot of time talking to people about how to address security in the context of compliance with various laws and regulations that existed at the time. One thing I found was that if you tried to address any specific compliance obligation (SOX, HIPAA, GLB, …), you would find that although you solved for that law, because your networking systems were actually common, used to transport all data, they were impacted by multiple laws and needed to support a wide range of compliance obligations simultaneously. In many cases, companies that did exceptional jobs addressing one obligation created systems and solutions that were mutually exclusive of the solution needed for the next obligation. What came out of that dialog was that the better approach to dealing with compliance was to focus on the primitives or core needs that were shared by all of these laws (super or sub set).
In order to achieve an acceptable compliance posture from a networking perspective, the model I talked about back then was that you should focus on achieving the following three capabilities:
Message Integrity – Assure that the parties involved are trusted and that the message has not been modified in transit nor is it malicious.
Message Assurance – Assure that in the presence of the unknown event (virus, worm, hacking, DDoS…) that the message is delivered.
Message Privacy – Assure that the message is visible to the parties that need to see it and masked from those who do not.
What was interesting with this model is that if you focused on these capabilities you could meet the spirit and intent of HIPAA and SOX and other laws over the same communications network. The reuse of solving for these issues was quite high and, over the years that I was positioning this approach, new standards and regulations emerged that did not break the model.
Read the rest of this entry »
