Infrastructure and Security Marcus J. Ranum Network Flight Recorder, Inc.

Marcus Ranum would like to apologise in advance for any indiscretions he may commit on: ___________________ April 30, 1998

Topics The Market Security standards How do we improve things? The role of strong foundations Can DCE be a player? Conclusions

The Market Key factors affecting security –Commoditization –New entrants –Consolidation –New protocols –The heat-death of the body standard

Market: Commoditization Security market ( ) consisted of small players “one trick ponies” Sharp competition has driven price of security products down... –Simultaneously distorting perception of marketability (e.g.: firewall madness of 1993) –Makes cost-sensitive customers avoid infrastructural security in favor of hacks

Market: New Entrants New entrants to market ( ) are focused on staking out a market niche Less interest in integrating/cooperating with larger/broader efforts Time to market dominates startups –No time to attach to big, cumbersome standards efforts with high cost of entry

Market: Consolidation 1998 security market is consolidating Most consolidation is security vendors buying eachother (“rollups”) Emphasis (and driver) of consolidation is coherent management and integration –This is a niche for foundation applications –But they are being built today “ad hoc”

Market: New Protocols New protocols are constantly being added –Many have unpredictable/undocumented properties –Time-to-market concerns override security and compatibility/infrastructure Huge potential for new security flaws is completely un-addressed

Market: Standards Bodies The standards bodies have not yet realized that the world is passing them by at 1,000 miles per hour Transition from “standards are important” to “market share is important” in –Standards efforts are moribund but don’t know it yet - they are too slow

Security Standards Key Security Standards for the future –Digital certificates –Web –System management –Delegation and definition of trust

Standards: Certificates Not quite ironed out yet, but they will be –Too much money invested already If they become widely deployed for E- commerce they will be used in virtually all security solutions –Good opportunity for infrastructure systems that handle them –But today they are still seen as black art

Standards: Web Web may become the next generation of middleware/foundation for other applications Is DCE’s biggest competition http and SSL? –I think it is

Standards: System M’gment System management is the Next Big Area for innovation –(I may be late, judging from the Compaq/Microsoft/CA/HP announcements this week) Management of infrastructure using the infrastructure itself –Security would be nice

Standards: Trust Delegation Nobody is really paying attention to this yet –Certificates are a tool for building it but are groping slowly in that direction Foundation/middleware such as DCE should take it into account –It must be manageable (and management must also support trust delegation)

How do we Improve? Infrastructure Self-Diagnosis Management

Improve: Infrastructure We are in a maze of little fiddly infrastructure protocls, all different –RPC/ONC/SMB/HTTP/SSL –IPSEC/SOCKS –….ad nauseam The biggest single security improvement we can make is to adopt a common secure foundation

Improve: Self-Diagnosis Software and system are never going to get less complex Therefore they must grow better at managing complexity –Which means improved self-diagnosis Are systems like DCE easy enough to deploy that my mother could do it?

Improve: Management We need –Security protocols that are manageable –Management protocols that are secure Can DCE be managed by an office secretary? It is management hassles that are making NT take over the desktop –It’ll have its own problems

Improve: Strong Foundations New applications need to be able to rely on foundation communications libraries that include: –Access control (firewalling) –Privacy policy (VPN) –Identity and Authorization (authentication and permissions databases) Can DCE help?

DCE a Player? No Yes

No Outside of a select circle, DCE is almost completely unknown DCE’s competitors are smaller, faster, and more reactive to industry requirements –The “fast frog syndrome” Too many vendor interests hamper ability to react (what about the Web?)

Yes You tell me

Conclusions Reactivity Foundations

Conclusions: Reactivity Ability to rapidly react to changing market reality will make or break any technology currently being deployed –Whether it’s good or not is irrelevant as long as it’s tailorable and works by next week

Conclusions: Foundations The big challenge is to get DCE leveraged into the foundations of some kind of “killer app” –It must be simple to manage –It must be cheap –It must be lightweight (for NT desktops)

Summary Good luck!