15.4 Conclusions



Security engineers and professionals often elaborate on and argue about the importance, usefulness, and suitability of specific security technologies without having the relevant vulnerabilities, threats, and corresponding risks in mind. For example, using a secure messaging scheme, such as PGP or S/MIME, is almost useless if you have nothing to lose and all you want to do is forward electronic versions of the latest jokes to a friend. The use of a secure messaging scheme, however, is very useful if you want to transfer an electronic order to an e-commerce service provider. Consequently, all we do in terms of security should be driven by risk management considerations.

Historically, the usual way to manage risks in the IT world started with a formal risk analysis. This has changed, and we are starting to see two trends:

  1. Formal risk analyses are being replaced or complemented with alternative approaches and technologies (e.g., security scanners and IDSs).

  2. Preventive security mechanisms are being complemented by detective and reactive security mechanisms.

The first trend occurs simply because formal risk analyses are difficult and labor-intensive and because they scale poorly to large IT environments. In contrast, the second trend occurs because preventive security mechanisms, such as firewalls and the use of cryptographic security protocols, have turned out to be incomplete, meaning that they do not patch all vulnerabilities and do not protect against all possible threats. As a first-order approximation, you may think of all systems and applications as vulnerable and exploitable by specific attacks. This is true even if the systems and applications use some sophisticated preventive security mechanisms. In fact, it is possible and likely that security breaches and vulnerability exploits will always occur and compromise the security of our systems and applications. The role of the preventive security mechanisms is only to lower the likelihood that a serious exploit will happen.

Against this background, we have to think about detection and response. How do you, for example, make sure that exploits and attacks are detected in the first place? Note that, contrary to the real world, a victim may not necessarily be aware of the fact that he or she has become a victim in the digital world. Data can be copied electronically without leaving any traces. Similarly, what do you do if an exploit or attack is actually detected? How do you respond to exploits and attacks? In either case, you need detective and reactive security mechanisms. One may argue that detective and reactive security mechanisms are becoming more important because of the incomplete nature of the preventive security mechanisms we have in place today.

More recently, Bruce Schneier provided some arguments for why detection and response are important in the insecure IT world in which we live today [11]. Anybody who is in charge of designing security for an intranet environment should carefully think about the role of detection and response in that environment. These components are becoming increasingly important.




Security Technologies for the World Wide Web, Second Edition
ISBN: 1580533485
EAN: 2147483647
Year: 2003
Pages: 142
Authors: Rolf Oppliger
