Stronger than the weakest link

Network World, 02/15/99

It is an old maxim that a chain is only as strong as its weakest link. This assumption has long guided the understanding of computer and network security. But this and a number of long-held assumptions are challenged by a recent publication issued at the behest of the U.S. government.

The National Research Council (NRC) has published the results of another one of its panels looking into various aspects of our changing technical world.

This recent NRC volume, "Trust in Cyberspace" (ISBN 0-309-06558-5), is the result of a 14-member committee that started meeting in June 1996. The committee was appointed by the NRC in response to a request from the Defense Advanced Research Agency and the National Security Agency. The study was designed, in the words of the report, "to assess the nature of information systems trustworthiness and the prospects for technology that will increase trustworthiness."

For the fiscally challenged, the NRC has also put this report on the World Wide Web at www.nap.edu/readinroom/books/trust/ .

The report notes: "It is easy to build a system that is less trustworthy than its least trustworthy component. The challenge is to do better: to build systems that are more trustworthy than even their most trustworthy components." The report then provides some general guidelines on ways to amplify system reliability and security. There are a number of chapters in this report, such as "Trustworthy Systems from Untrustworthy Components" mentioned above, that are valuable in their own right. But the mission of NRC committees is to provide specific recommendations for government action, especially in the area of government-funded research.

The committee investigated not only the effects of malicious attacks by people who want to disrupt network operations, but also the effects of accidental misconfigurations of network components and the impact of environmental factors such as fibertropic backhoes.

The conclusions and research recommendations section of the report does not present all that reassuring a picture. The current national network infrastructure, comprising the public telephone network and the Internet, is not well-positioned for security and reliability.

The report points out a number of vulnerable areas and makes several specific recommendations for research that would help to enable the creation of more secure and reliable networks in the future.

There is a possibility that networks in the future can be made more reliable and secure than those with which we are currently dealing. But if that happens, it will be in spite of the market forces that are reshaping our telecommunications world and not because of them. In fact, it could be because of the research recommended in this report.

Disclaimer: Harvard's relationship to market forces is tenuous, so the above must be my observations.