-
March 7th, 2005, 01:17 AM
#1
Perimeterless Security
At the suggestion of another member, I'd like to take up the reins of a new thread to discuss the ideas of information security without boundaries, or perimeterless security as she put it. Wireless networking will certainly play a big role in this, but I think it goes beyond the subject of Wifi and unprotected access points.
This is actually a subject I read about briefly long ago in a magazine article, and it's a concept I've been percolating for some time. With standards like 802.1x becoming reasonably priced and usable (to a limited extent) with modern technology, we can achieve a fair degree of logical security. But networking and security have always been based on a physical model.
Implicit trust has always been an achilles heel; look at the rsh family of applications. Authentication (and subsequently identity management, but that's probably another discussion) is a key part of this issue, and is often considered a silver bullet for security solutions by the uninformed.
Let's break it down with the triple A system:
Authentication
- Are all resources (not *just* the users) what they really appear to be, or claim they are?
Authorization
- Are you able to access *only* resources you have been granted permissions to? Are others denied that should not be, or exposed when they should be concealed?
Audit - also known as - Accounting or Accountability
- Are all activities documented and logged, in a protected fashion to avoid tampering?
Ok, I've started the conversation. Let's carry it forward. Consider Xierox' original dilemma. How do these three points apply, and why or why not?
C'mon, I love the sound of my own voice..., er...typing, but this isn't a tutorial (or it would be in that forum.) Sound off.
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|