disconnect: security in the post-Internet era
Terry Gray, University of Washington
S@LS workshop, Chicago, 12 August 2003

alternative titles
• strained bedfellows: protection for promiscuous connectors
• open minds and closed networks: confessions of a True Believer
• life in the post-Internet era: my journey to unenlightenment
• defense in doubt: preventing the post-Internet apocalypse
• the Perimeter Protection Paradox: searchin’ for security in all the wrong places

outline
• thesis
• metamorphosis
• grief counseling
• what we lost
• how we lost it
• consequences
• critical questions

thesis
• the Open Internet is history: “get over it”
• cheer up, things could be worse, and will be if we aren’t careful
• we can still make good decisions, to avoid even worse outcomes
S@LS goal: evaluate alternative futures

metamorphosis: Internet paradigm
• 1969: “one network”
• 1982: “network of networks”
• 199x: balkanization begins
• 2003: balkanization complete
• 2004: paradigm lost?

metamorphosis: workshop goal
• 2000: “network security credo”
• 2001: “my first NAT”
• 2002: “uncle ken calls” > quest
• 2003: “slammer” > intervention
• 2003: “dcom/rpc” > wake

metamorphosis: success metrics
• nirvana then
  • open Internet / network utility model
  • successful end-point security
• nirvana now?
  • operational simplicity
  • admin-controlled security
  • user-controlled connectivity

grief counseling
• denial
• anger
• bargaining
• depression
• acceptance -- simultaneously!

what we lost: network utility model
• the network utility model is dead -- long live the NUM
• all ports once behaved the same
  • simple
  • easy to debug
• now they don’t:
  • bandwidth management policies
  • security policies

what we lost: operational integrity
• lost: network simplicity, leading to
  • lower MTBF
  • higher MTTR
  • higher costs
• lost: full connectivity, leading to
  • less innovation?
  • frustration, inconvenience
  • sometimes less security (faith, backdoors)

how we lost it: inevitable trainwreck?
• fundamental contradiction
  • networking is about connectivity
  • security is about isolation
• conflicting roles: strained bedfellows
  • the networking guy
  • the security guy
  • the sys admin
  • oh yeah… and the user
• insecurity = liability
  • liability trumps innovation
  • liability trumps operator concerns
  • liability trumps user concerns

how we lost it: firewall allure?
• firewalls = “packet disrupting devices”
• perimeter protection paradoxes
  • large-perimeter FWs benefit: SysAd, SecOps, maybe user
  • at expense of NetOps
  • the best is the enemy of the good
• microsoft rpc exploit has guaranteed that the firewall industry has a bright future

how we lost it: disconnects
• failure of “computer security”
  • vendors gave customers what they wanted, not what they needed
  • responsibility/authority disconnects guarantee failure
• failure of networkers to understand what others wanted
  • not a completely open Internet!
  • importance of “unlisted numbers”

consequences (1)
• mindset: “computer security” failed, so “network security” must be the answer
• extreme pressure to make network topology match organization boundaries
• “network of networks” evolution
  • 1982: minimum impedance between nets
  • 2003: maximum impedance between nets
• Heisen/stein networking: uncertain and relativistic connectivity

consequences (2)
• more self-imposed denial-of-service
• firewalls everywhere
• uphill battle for p2p
• more tunneled traffic over fewer ports
• one FTE per border -- with or without firewall
• troubleshooting will be harder
• NAT survives unless/until a better “unlisted number” mechanism takes hold
• security/liability will continue to trump innovation/philosophy/ops costs

critical questions
• should we build net topologies that match organizational boundaries?
• will end-point security improve enough that perimeter defense will be secondary?
• is it too late to try to offer users a choice of open or closed nets?
• is the trend toward a single-port tunneled Internet good, bad, or indifferent?
• is there any chance IPS or DEN will make it all better?
• what’s the best way to implement an “unlisted number” semantic?

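The “unlisted number” idea recurs in the deck (the disconnects slide, the “NAT survives unless/until a better mechanism takes hold” consequence, and the last critical question above) without being spelled out. The following is an added example, not code from the talk: a toy stateful filter that expresses the semantic directly. The assumptions are mine, not Gray’s: a protected (“inside”) host is unlisted by default, meaning it may open connections to anyone and only replies to those connections are admitted, and it becomes listed on a port only by publishing a service there. NAT yields the unlisted behaviour as a side effect of address hiding; this model yields it without translating any address, which is one shape a “better mechanism” could take. The trace is constructed and uses documentation address ranges.

```python
# Added example (not from Terry Gray's talk): a toy model of an
# "unlisted number" reachability policy, expressed as a stateful filter.
#
# Assumptions (mine, not the deck's):
#   * the filter sits at a border and protects a set of "inside" hosts;
#   * an inside host is UNLISTED by default: it may open connections to
#     anyone, and only replies to connections it opened are admitted;
#   * an inside host is LISTED on a port if it has published a service
#     there, in which case anyone may open connections to that port.
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool  # True for the first packet of a new TCP connection


class UnlistedNumberFilter:
    def __init__(self, inside, listed):
        self.inside = set(inside)   # hosts this filter protects
        self.listed = listed        # {host: {published port, ...}}
        self.state = set()          # (src, sport, dst, dport) opened from inside

    def decide(self, pkt):
        """Return "ACCEPT" or "DROP" for one packet, updating connection state."""
        if pkt.src in self.inside:
            # Outbound: unlisted hosts may initiate anything; remember the
            # flow so that its replies can be matched later.
            if pkt.syn:
                self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "ACCEPT"
        if pkt.dst not in self.inside:
            return "ACCEPT"  # transit traffic between outside hosts: not ours
        # Inbound to a protected host: is it a reply to a connection it opened?
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.state:
            return "ACCEPT"
        # A new connection to a published ("listed") service?
        if pkt.syn and pkt.dport in self.listed.get(pkt.dst, set()):
            return "ACCEPT"
        # Everything else is unsolicited traffic to an unlisted number.
        return "DROP"


def simulate(inside, listed, packets):
    """Run a packet trace through a fresh filter; return the verdicts in order."""
    fw = UnlistedNumberFilter(inside, listed)
    return [fw.decide(p) for p in packets]


# Constructed trace (documentation address ranges, not real hosts).
INSIDE = {"10.0.0.5", "10.0.0.10"}
LISTED = {"10.0.0.10": {443}}      # 10.0.0.10 publishes HTTPS only
TRACE = [
    Packet("10.0.0.5", 40000, "203.0.113.9", 80, syn=True),      # outbound web request
    Packet("203.0.113.9", 80, "10.0.0.5", 40000, syn=False),     # its reply: admitted
    Packet("198.51.100.7", 51000, "10.0.0.5", 22, syn=True),     # unsolicited SSH to unlisted host
    Packet("198.51.100.7", 51001, "10.0.0.10", 443, syn=True),   # published service: admitted
    Packet("198.51.100.7", 51002, "10.0.0.10", 22, syn=True),    # unpublished port on listed host
    Packet("198.51.100.7", 40000, "10.0.0.5", 40000, syn=False), # stray non-SYN with no state
    Packet("198.51.100.7", 51003, "10.0.0.5", 6881, syn=True),   # inbound p2p peer to unlisted host
]

if __name__ == "__main__":
    for pkt, verdict in zip(TRACE, simulate(INSIDE, LISTED, TRACE)):
        print(f"{verdict:6} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}")
```

The trace also shows two of the consequences the deck predicts: the SSH and p2p SYNs to unlisted hosts are dropped (the “uphill battle for p2p”), and a service that an inside host runs without publishing it is unreachable (“self-imposed denial-of-service”). Whether the latter is acceptable is exactly the user-controlled versus admin-controlled connectivity question the success-metrics slide raises.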
discussion!
• how do we redefine the Internet, going forward?
• i.e. how do we “reconnect”?