Stronger than the weakest link
Network World, 02/15/99
It is an old maxim that a chain is only as strong as its weakest
link.
This assumption has long guided the understanding of computer and
network security. But this and a number of long-held assumptions
are
challenged by a recent publication issued at the behest of the
U.S.
government.
The National Research Council (NRC) has published the results of
another one of its panels looking into various aspects of our
changing
technical world.
This recent NRC volume, "Trust in Cyberspace" (ISBN
0-309-06558-5), is the result of a 14-member committee that
started
meeting in June 1996. The committee was appointed by the NRC in
response to a request from the Defense Advanced Research Agency
and the National Security Agency. The study was designed, in the
words of the report, "to assess the nature of information
systems
trustworthiness and the prospects for technology that will
increase
trustworthiness."
For the fiscally challenged, the NRC has also put this report on
the
World Wide Web at www.nap.edu/readinroom/books/trust/ .
The report notes: "It is easy to build a system that is less
trustworthy
than its least trustworthy component. The challenge is to do
better: to
build systems that are more trustworthy than even their most
trustworthy components." The report then provides some
general
guidelines on ways to amplify system reliability and security.
There
are a number of chapters in this report, such as
"Trustworthy Systems
from Untrustworthy Components" mentioned above, that are
valuable
in their own right. But the mission of NRC committees is to
provide
specific recommendations for government action, especially in the
area of government-funded research.
The committee investigated not only the effects of malicious
attacks
by people who want to disrupt network operations, but also the
effects
of accidental misconfigurations of network components and the
impact of environmental factors such as fibertropic backhoes.
The conclusions and research recommendations section of the
report
does not present all that reassuring a picture. The current
national
network infrastructure, comprising the public telephone network
and
the Internet, is not well-positioned for security and
reliability.
The report points out a number of vulnerable areas and makes
several
specific recommendations for research that would help to enable
the
creation of more secure and reliable networks in the future.
There is a possibility that networks in the future can be made
more
reliable and secure than those with which we are currently
dealing.
But if that happens, it will be in spite of the market forces
that are
reshaping our telecommunications world and not because of them.
In
fact, it could be because of the research recommended in this
report.
Disclaimer: Harvard's relationship to market forces is tenuous,
so the
above must be my observations.