Contact:http://www.packetnexus.com
Protecting Critical Systems in Unbounded Networks Robert J. Ellison, David A. Fisher, Richard C. Linger, Howard F. Lipson, Thomas A. Longstaff, Nancy R. Mead Society is growing increasingly dependent on large-scale, highly distributed systems that operate in unbounded network environments. Unbounded networks, such as the Internet, have no central administrative control and no unified security policy. Furthermore, the number and nature of the nodes connected to such networks cannot be fully known. Despite the best efforts of security practitioners, no amount of hardening can assure that a system that is connected to an unbounded network will be invulnerable to attack. The discipline of survivability can help ensure that such systems can deliver essential services and maintain essential properties such as integrity, confidentiality, and performance, despite the presence of intrusions. The New Network Paradigm: Organizational Integration From their modest beginnings some 20 years ago, computer networks have become a critical element of modern society. These networks not only have global reach; they also affect virtually every aspect of human endeavor. Networked systems are principal enabling agents in business, industry, government, and defense. Major economic sectors, including defense, energy, transportation, telecommunications, manufacturing, financial services, health care, and education, all depend on a vast array of networks operating on local, national, and global scales. This pervasive societal dependence on networks magnifies the consequences of intrusions, accidents, and failures, and amplifies the critical importance of ensuring network survivability. A new network paradigm is emerging. Networks are being used to achieve radical new levels of organizational integration. This integration obliterates traditional organizational boundaries and integrates local operations into components of comprehensive, network-based business processes. For example, commercial organizations are integrating operations with business units, suppliers, and customers through large-scale networks that enhance communication and services. These networks combine previously fragmented operations into coherent processes open to many organizational participants. This new paradigm represents a shift from bounded networks with central control to unbounded networks. Unbounded networks are characterized by distributed administrative control without central authority, limited visibility beyond the boundaries of local administration, and a lack of complete information about the entire network. At the same time, organizations' dependence on networks is increasing, and the risks and consequences of intrusions and compromises are amplified. The Internet is an example of an unbounded environment with many client-server network applications. A public Web server and its clients may exist within many different administrative domains on the Internet. Many business-to-business Web-based e-commerce applications depend on conventions within a specific industry segment for interoperability. Within the Internet, there is little distinction between insiders and outsiders. Everyone who chooses to connect to the Internet is an insider, whether or not they are known to a particular subsystem. This characteristic is the result of the desire, and modern necessity, for connectivity. A company cannot survive in a highly competitive industry without easy and rapid access to its customers, suppliers, and partners. More and more, a company's partners on one pr