90 likes | 204 Views
security in the post-Internet era: the needs of the many the needs of the few. Terry Gray University of Washington Fall Internet2 Meeting 16 October 2003. 2003: security ”annus horribilis”. Slammer Blaster Sobig.F increasing spyware threat attackers discover encryption
E N D
security in the post-Internet era:the needs of the manythe needs of the few Terry Gray University of Washington Fall Internet2 Meeting 16 October 2003
2003: security ”annus horribilis” • Slammer • Blaster • Sobig.F • increasing spyware threat • attackers discover encryption • hints of more “advanced” attacks • and let’s not even talk about spam…
2003: security-related trends • RIAA subpoenas • growing wireless use • VoIP over 802.11 pilots • more mobile devices • more critical application roll-outs • faster networks • “personal lambda” networks • SEC filings on security? • class action lawsuits?
impact • end of an era… say farewell to • the open Internet • autonomous unmanaged PCs • full digital convergence? • say hello to • one-size-fits-all (OSFA) solutions • conflict... everyone wants security and • max availability, speed, autonomy, flexibility • min hassle, cost • the needs of the many trump the needs of the few (but at what cost?)
consequences • more closed nets (bug or feature?) • more VPNs (bug or feature?) • more tunneling -“firewall friendly” apps • more encryption (thanks to RIAA) • more collateral harm -attack + remedy • worse MTTR (complexity, broken tools) • constrained innovation • cost shifted from “guilty” to “innocent” • pressure to fix problem at border • pressure for private nets
revelations • system administrators (2 kinds…) • want total local autonomy… or • want someone else to solve the problem • often unaware of cost impact on others • users (2 kinds: happy & unhappy) • want “unlisted numbers” • need “openness” defined by apps • feedback loop: • closed nets encourage constrained apps • constrained apps encourage closed nets
perimeter defense tradeoffs • border • biggest vulnerability zone • biggest policy vs. performance concern • subnet • doesn’t match org boundaries • worst case for NetOps debugging • consider also: sub-subnet LFWs, etc. • host • optimal security perimeter • hardest to implement
never say die • goal: simple core, local policy choice • how to avoid OSFA closed net future? • design net for choice of open or closed • pervasive IPsec • combine with “point response” • won’t reverse trend to closed nets, but may avoid bad cost shifts • alternative: only closed nets, policy wars