|
|
|
MODERN IT ENVIRONMENT Open — By contrast, modern computing environmentsare open. Like the postal system, for the price of a stamp anyonemay send a message. For the price of an accommodation address,anyone can get an answer back. For not much more, anyone can open his own post office. Modern networks are open in the sense thatnodes can be added late and without the permission or cooperationof others. They are open in the sense that their applications arenot predetermined. Flat — The modern network is flat. Traffic flowswith equal ease between any two points in the network. It flowshorizontally as well as it does vertically. Traffic flows directlyand without any mediation. If one were to measure the bandwidthbetween any two points in the network, chosen arbitrarily, it wouldbe approximately equal to that between any other two points chosenthe same way. While traffic my flow faster between two points thatare close to each other, taken across the collection of all pairs,it flows with the same speed. Broadcast — Modern networks are broadcast. Whileorderly nodes accept only that traffic which is intended for them,traffic will be seen by multiple nodes in addition to the one forwhich it is intended. Thus, confidentiality may depend in part uponthe fact that a large number of otherwise unreliable devices allbehave in an orderly manner. Packet-switched — Modern networks arepacket-switched rather than circuit-switched. In part this meansthat the messages are broken into packets and each packet is sentindependent of the others. Two packets sent from the same originto the same destination may not follow the same path and may notarrive at the destination in the same order that they were sent.The sender cannot rely upon the safety of the path or the arrivalof the message at the destination and the receiver cannot rely uponthe return address. In part, it means that a packet may bebroadcast to multiple nodes, even to all nodes, in an attempt tospeed it to its destination. By design it will be heard by manynodes other than the ones for which it is intended. Intelligent workstations — In modern environments,the workstations are intelligent, independently programmable, andcapable of performing independent work or applications. They arealso vulnerable both to the leakage of sensitive information andto the insertion of malicious programs. These malicious programsmay be untargeted viruses or they may be password grabbers that areaimed at specific workstations, perhaps those used by privilegedusers. Heterogeneousness — The modern network is composedof a variety of nodes and links from many different vendors. Theremay be dozens of different workstations, servers, and operatingsystems. The links may be of many speeds and employ many differentkinds of signaling. This makes it difficult to employ anarchitecture that relies upon the control or behavior of thecomponents. OTHER SECURITY ARCHITECTURE REQUIREMENTS IT architecture — The information securityarchitecture is derivative of and subordinate to the informationtechnology architecture. It is not independent. One cannot do asecurity architecture except in the context of and in response toan IT architecture. An information technology architecturedescribes the appearance, function, location, and materials for theuse of information technology. Often one finds that the IT architecture is not sufficiently well thought out or documented tosupport the development of the security architecture. That is tosay, it describes fewer than all four of the things that anarchitecture must describe. Where it is documented at all, one canexpect to find that it describes the materials but not appearance,location, or function. Policy or management intent — The securityarchitecture must document and respond to a policy or an expressionof the level of risk that management is prepared to take. This willinfluence materials chosen, the roles assigned, the number ofpeople involved in sensitive duties, etc. Industry and institutional culture — Thearchitecture must document and respond to the industry andinstitutional culture. The design that is appropriate to a bankwill not work for a hospital, university, or auto plant. Other — Likewise, it must respond to the managementstyle — authoritarian or permissive, prescriptive or reactive— of the institution, to law and regulation, to duties owedto constituents, and to good practice.
|