disconnect: security in the post-Internet era - PowerPoint PPT Presentation

  1. disconnect: security in the post-Internet era
     Terry Gray, University of Washington
     S@LS workshop, Chicago, 12 August 2003

  2. alternative titles
     • strained bedfellows: protection for promiscuous connectors
     • open minds and closed networks: confessions of a True Believer
     • life in the post-Internet era: my journey to unenlightenment
     • defense in doubt: preventing the post-Internet apocalypse
     • the Perimeter Protection Paradox: searchin’ for security in all the wrong places

  3. outline
     • thesis
     • metamorphosis
     • grief counseling
     • what we lost
     • how we lost it
     • consequences
     • critical questions

  4. thesis
     • the Open Internet is history -- “get over it”
     • cheer up, things could be worse -- and will be if we aren’t careful
     • we can still make good decisions -- to avoid even worse outcomes
     S@LS goal: evaluate alternative futures

  5. metamorphosis: Internet paradigm
     • 1969: “one network”
     • 1982: “network of networks”
     • 199x: balkanization begins
     • 2003: balkanization complete
     • 2004: paradigm lost?

  6. metamorphosis: workshop goal
     • 2000: “network security credo”
     • 2001: “my first NAT”
     • 2002: “uncle ken calls” > quest
     • 2003: “slammer” > intervention
     • 2003: “dcom/rpc” > wake

  7. metamorphosis: success metrics
     • nirvana then
       • open Internet / network utility model
       • successful end-point security
     • nirvana now?
       • operational simplicity
       • admin-controlled security
       • user-controlled connectivity

  8. grief counseling
     • denial
     • anger
     • bargaining
     • depression
     • acceptance -- simultaneously!

  9. what we lost: network utility model
     • the network utility model is dead -- long live the NUM
     • all ports once behaved the same
       • simple
       • easy to debug
     • now they don’t:
       • bandwidth management policies
       • security policies

  10. what we lost: operational integrity
      • lost: network simplicity, leading to
        • lower MTBF
        • higher MTTR
        • higher costs
      • lost: full connectivity, leading to
        • less innovation?
        • frustration, inconvenience
        • sometimes less security (faith, backdoors)

  11. how we lost it: inevitable trainwreck?
      • fundamental contradiction
        • networking is about connectivity
        • security is about isolation
      • conflicting roles: strained bedfellows
        • the networking guy
        • the security guy
        • the sys admin
        • oh yeah… and the user
      • insecurity = liability
        • liability trumps innovation
        • liability trumps operator concerns
        • liability trumps user concerns

  12. how we lost it: firewall allure?
      • firewalls = “packet disrupting devices”
      • perimeter protection paradoxes
        • large-perimeter FWs benefit:
          • SysAd, SecOps, maybe user
          • at expense of NetOps
        • the best is the enemy of the good
      • microsoft rpc exploit has guaranteed that the firewall industry has a bright future

  13. how we lost it: disconnects
      • failure of “computer security”
        • vendors gave customers what they wanted, not what they needed
        • responsibility/authority disconnects guarantee failure
      • failure of networkers to understand what others wanted
        • not a completely open Internet!
        • importance of “unlisted numbers”

  14. consequences (1)
      • mindset: “computer security” failed, so “network security” must be the answer
      • extreme pressure to make network topology match organization boundaries
      • “network of networks” evolution
        • 1982: minimum impedance between nets
        • 2003: maximum impedance between nets
      • Heisen/stein networking:
        • uncertain and relativistic connectivity

  15. consequences (2)
      • more self-imposed denial-of-service
      • firewalls everywhere
      • uphill battle for p2p
      • more tunneled traffic over fewer ports
      • one FTE per border -- with or without firewall
      • troubleshooting will be harder
      • NAT survives unless/until a better “unlisted number” mechanism takes hold
      • security/liability will continue to trump innovation/philosophy/ops costs

  16. critical questions
      • should we build net topologies that match organizational boundaries?
      • will end-point security improve enough that perimeter defense will be secondary?
      • is it too late to try to offer users a choice of open or closed nets?
      • is the trend toward a single-port tunneled Internet good, bad, or indifferent?
      • is there any chance IPS or DEN will make it all better?
      • what’s the best way to implement an “unlisted number” semantic?

  17. discussion!
      • how do we redefine the Internet, going forward?
      • i.e. how do we “reconnect”?