Report offers recipe for net protection
The security of networked information systems has become a hot topic. Since the
Presidents Commission on Critical Infrastructure Protection issued a report on the
subject in 1997, the FBI, the Commerce Department and other agencies have established new
security offices. Given the importance of networks, attention to security is overdue.
The year 2000 problem will pass, but we will always have security problems with our
networks. Thats the underlying message of a report by the National Research Council
at the National Academy of Sciences. Prepared by the Computer Science and
Telecommunications Board at NRC, the report attracted little attention outside the
technical community when it was issued, but it deserves a closer look. You can read it
online at http://www.nap.edu/readingroom/. Look for Trust in Cyberspace..
NRC set out to identify the research needed to build robust networked systems that
would reduce software design problems and include mechanisms to prevent disruptions by
hackers, terrorists, disasters and even systems operators. Threats to networks, like
threats to any institution, exist externally and in-house.
The report begins with a look at the public telephone network. This large, familiar
system offers insight into the problems of maintaining trustworthiness on the Internet.
The telephone system and the Internet are intertwined. The report finds that the telephone
network is more vulnerable because of the Internet, but still more reliable than the
New telephone network features such as call forwarding and Caller ID require database
lookups that add complexity and vulnerability. Deregulation has also increased
Software tools play a major role in achieving trustworthiness for a network. And
commercial software is increasingly used for critical network subsystems, the report
notes. Such software is shaped by market forces. Vendors design it with only limited
attention to the needs of government networks. Defects are inevitable, as evidenced by the
regular discovery of vulnerabilities and the issuance of code patches.
The diversity and decentralization of networks is both a blessing and a curse.
Customary responses to security concernsauthentication, access controls, integrity,
and physical and personnel controlsare essential to security. The challenge is to
maintain trustworthiness on the network in an environment characterized by local security
applications that may be incomplete or inadequate.
The good news is that this is possible by anticipating and targeting vulnerabilities.
The bad news is that it wont be easy because of what the report calls a remarkably
poor understanding of practices that foster network trustworthiness.
What impressed me about the report was the extent of the security problems it
identified. We wont improve network security just by buying the latest firewall,
improving the password system or keeping the virus checker up-to-date. As useful and
necessary as those things are, they only pinpoint implementation problems for local users.
Protecting the entire network takes more effort.
The NRC report outlines the scope of the challenge but does not propose a solution or
even a range of solutions. It supplies a complex research agenda for what we must study to
identify and solve problems.
In some ways, the required network security effort resembles the wars on cancer and on
poverty. These gigantic undertakings wrestle with problems that have many causes and
points of attack. No single solution exists; no one approach will produce the desired
The principal fuel for every war is money, so no one should be surprised at the
reports conclusion that more funding is needed for information security research and
The report concludes that there is a way to provide better security if we have the will
to follow through. It proposes a research agenda to show the way.
But we are not likely to find the will unless there is a spectacular failure. The
so-called year 2000 bug benefited from a dramatic deadline and a remarkable convergence of
press, politics and groupies. Network security is not likely to be so lucky, but we can
Robert Gellman, former chief counsel to the House Government Operations
Subcommittee on Information, Justice, Transportation and Agriculture, is a Washington
privacy and information policy consultant. His e-mail address is firstname.lastname@example.org.