150 likes | 164 Views
Explore the impact of security issues on network evolution in the post-Internet era, from 2003 trends to future concerns. Delve into the consequences of security measures on connectivity, liability, and isolation strategies.
E N D
The new state of the network: how security issues are reshaping our world Terry Gray UW Computing & Communications Quarterly Computing Support Meeting 28 October 2003
security in the post-Internet era:the needs of the manyvs. the needs of the few
2003: security ”annus horribilis” • Slammer • Blaster • Sobig.F • increasing spyware threat • attackers discover encryption • hints of more “advanced” attacks • and let’s not even talk about spam…
2003: security-related trends • more critical application roll-outs • more mobile devices • growing wireless use • VoIP over 802.11 pilots • faster networks • new network designs (e.g. lambda) • class action lawsuits • RIAA subpoenas • SEC filings on security?
impact • end of an era… say farewell to • the open Internet • autonomous unmanaged PCs • full digital convergence? • say hello to • one-size-fits-all (OSFA) solutions • conflict... everyone wants security and • max availability, speed, autonomy, flexibility • min hassle, cost • the needs of the many trump the needs of the few (but at what cost?)
consequences • more closed nets (bug or feature?) • more VPNs (bug or feature?) • more tunneling -“firewall friendly” apps • more encryption (thanks to RIAA) • more collateral harm -attack + remedy • worse MTTR (complexity, broken tools) • constrained innovation (e.g. p2p voip) • cost shifted from “guilty” to “innocent” • pressure to fix problem at border • pressure for private nets
consequences (2) • mindset: “computer security” failed, so “network security” must be the answer • pressure to make network topology match organization boundaries • ”network of networks” evolution • 1982: minimum impedance between nets • 2003: maximum impedance between nets • loss of Network Utility Model • “Heisen/stein” networking... • uncertain and relativistic connectivity
metamorphosis: Internet paradigm • 1969: “one network” • 1983: “network of networks” • 199x: balkanization begins • 2003: “heat death” begins • 2004: paradigm lost?
how we lost it: inevitable trainwreck? • fundamental contradiction • networking is about connectivity • security is about isolation • vendors sell what users want, not need • conflicting roles • the networking guy • the security guy • the sys admin • oh yeah… and the user • insecurity = liability • liability trumps innovation • liability trumps operator concerns • liability trumps user concerns
observations • system administrator view • some prefer local control/responsibility • some prefer central/big-perimeter defense • some underestimate cost impact on others • user view • want “unlisted numbers” • want “enough openness” to run apps • network operator view • frustration over loss of diagnosability • despair over loss of utility vision • dismay over increasing mgt cost, complexity
observations (2) • feedback loop: • closed nets encourage constrained apps • constrained apps encourage closed nets • tunneling, encryption trends undermine perimeter defense effectiveness • isolation strategies are limited by how many devices you want on your desk. • roads not taken: • What if windows XP had shipped with its integral firewall turned on? • What if UW had mandated and funded positive desktop control?
gray’s defense-in-depth conjecture • given N layers of topological device defense… • MTTE (exploit) = k * N**2 • MTTI (innovation) = k * N**2 • MTTR (repair) = k * N**2 • NB: there is also “vertical” D-I-D for info/session protection, e.g. IPSEC + SSL… but those equations would look different.
never say die • goal: simple core, local policy choice • how to avoid OSFA closed-net future? • design net for local open or closed choice • pervasive IPSEC • asymmetric connectivity (“unlisted numbers”) • combine with tools for “rapid response • won’t reverse trend toward closed nets, • but may avoid undesirable cost shifts • alternative: only closed nets, policy wars