Infrastructure and Security Marcus J. Ranum mjr@nfr.net Network Flight Recorder, Inc.

Upload: john-nelson

Post on 18-Jan-2016


Infrastructure and Security

Marcus J. Ranum

mjr@nfr.net

Network Flight Recorder, Inc.

Marcus Ranum would like to apologise in advance for any indiscretions he may commit on: ___________________

Topics

• The Market

• Security standards

• How do we improve things?

• The role of strong foundations

• Can DCE be a player?

• Conclusions

The Market

• Key factors affecting security
  – Commoditization
  – New entrants
  – Consolidation
  – New protocols
  – The heat-death of the body standard

Market: Commoditization

• Security market (1992-1997) consisted of small players “one trick ponies”

• Sharp competition has driven price of security products down...
  – Simultaneously distorting perception of marketability (e.g.: firewall madness of 1993)
  – Makes cost-sensitive customers avoid infrastructural security in favor of hacks

Market: New Entrants

• New entrants to market (1995 - 1998) are focused on staking out a market niche

• Less interest in integrating/cooperating with larger/broader efforts

• Time to market dominates startups
  – No time to attach to big, cumbersome standards efforts with high cost of entry

Market: Consolidation

• 1998 security market is consolidating

• Most consolidation is security vendors buying each other (“rollups”)

• Emphasis (and driver) of consolidation is coherent management and integration
  – This is a niche for foundation applications
  – But they are being built today “ad hoc”

Market: New Protocols

• New protocols are constantly being added
  – Many have unpredictable/undocumented properties
  – Time-to-market concerns override security and compatibility/infrastructure

• Huge potential for new security flaws is completely un-addressed

Market: Standards Bodies

• The standards bodies have not yet realized that the world is passing them by at 1,000 miles per hour

• Transition from “standards are important” to “market share is important” in 1993 - 1994
  – Standards efforts are moribund but don’t know it yet - they are too slow

Security Standards

• Key Security Standards for the future
  – Digital certificates
  – Web
  – System management
  – Delegation and definition of trust

Standards: Certificates

• Not quite ironed out yet, but they will be
  – Too much money invested already

• If they become widely deployed for E-commerce they will be used in virtually all security solutions
  – Good opportunity for infrastructure systems that handle them
  – But today they are still seen as black art

Standards: Web

• Web may become the next generation of middleware/foundation for other applications

• Is DCE’s biggest competition http and SSL?
  – I think it is

Standards: System M’gment

• System management is the Next Big Area for innovation
  – (I may be late, judging from the Compaq/Microsoft/CA/HP announcements this week)

• Management of infrastructure using the infrastructure itself
  – Security would be nice

Standards: Trust Delegation

• Nobody is really paying attention to this yet
  – Certificates are a tool for building it but are groping slowly in that direction

• Foundation/middleware such as DCE should take it into account
  – It must be manageable (and management must also support trust delegation)

How do we Improve?

• Infrastructure

• Self-Diagnosis

• Management

Improve: Infrastructure

• We are in a maze of little fiddly infrastructure protocols, all different
  – RPC/ONC/SMB/HTTP/SSL
  – IPSEC/SOCKS
  – ... ad nauseam

• The biggest single security improvement we can make is to adopt a common secure foundation

Improve: Self-Diagnosis

• Software and systems are never going to get less complex

• Therefore they must grow better at managing complexity
  – Which means improved self-diagnosis

• Are systems like DCE easy enough to deploy that my mother could do it?

Improve: Management

• We need
  – Security protocols that are manageable
  – Management protocols that are secure

• Can DCE be managed by an office secretary?

• It is management hassles that are making NT take over the desktop
  – It’ll have its own problems

Improve: Strong Foundations

• New applications need to be able to rely on foundation communications libraries that include:
  – Access control (firewalling)
  – Privacy policy (VPN)
  – Identity and Authorization (authentication and permissions databases)

• Can DCE help?

DCE a Player?

• No

• Yes

No

• Outside of a select circle, DCE is almost completely unknown

• DCE’s competitors are smaller, faster, and more reactive to industry requirements
  – The “fast frog syndrome”

• Too many vendor interests hamper ability to react (what about the Web?)

Yes

• You tell me

Conclusions

• Reactivity

• Foundations

Conclusions: Reactivity

• Ability to rapidly react to changing market reality will make or break any technology currently being deployed
  – Whether it’s good or not is irrelevant as long as it’s tailorable and works by next week

Conclusions: Foundations

• The big challenge is to get DCE leveraged into the foundations of some kind of “killer app”
  – It must be simple to manage
  – It must be cheap
  – It must be lightweight (for NT desktops)

Summary

• Good luck!