Published by John Nelson. Modified over 9 years ago.
1
Infrastructure and Security
  Marcus J. Ranum
  mjr@nfr.net
  Network Flight Recorder, Inc.
2
Marcus Ranum would like to apologise in advance for any indiscretions he may commit on: ___________________ April 30, 1998
3
Topics
  The Market
  Security standards
  How do we improve things?
  The role of strong foundations
  Can DCE be a player?
  Conclusions
4
The Market
  Key factors affecting security
    – Commoditization
    – New entrants
    – Consolidation
    – New protocols
    – The heat-death of the body standard
5
Market: Commoditization
  Security market (1992-1997) consisted of small players “one trick ponies”
  Sharp competition has driven price of security products down...
    – Simultaneously distorting perception of marketability (e.g.: firewall madness of 1993)
    – Makes cost-sensitive customers avoid infrastructural security in favor of hacks
6
Market: New Entrants
  New entrants to market (1995 - 1998) are focused on staking out a market niche
  Less interest in integrating/cooperating with larger/broader efforts
  Time to market dominates startups
    – No time to attach to big, cumbersome standards efforts with high cost of entry
7
Market: Consolidation
  1998 security market is consolidating
  Most consolidation is security vendors buying each other (“rollups”)
  Emphasis (and driver) of consolidation is coherent management and integration
    – This is a niche for foundation applications
    – But they are being built today “ad hoc”
8
Market: New Protocols
  New protocols are constantly being added
    – Many have unpredictable/undocumented properties
    – Time-to-market concerns override security and compatibility/infrastructure
  Huge potential for new security flaws is completely un-addressed
9
Market: Standards Bodies
  The standards bodies have not yet realized that the world is passing them by at 1,000 miles per hour
  Transition from “standards are important” to “market share is important” in 1993 - 1994
    – Standards efforts are moribund but don’t know it yet - they are too slow
10
Security Standards
  Key Security Standards for the future
    – Digital certificates
    – Web
    – System management
    – Delegation and definition of trust
11
Standards: Certificates
  Not quite ironed out yet, but they will be
    – Too much money invested already
  If they become widely deployed for E-commerce they will be used in virtually all security solutions
    – Good opportunity for infrastructure systems that handle them
    – But today they are still seen as black art
12
Standards: Web
  Web may become the next generation of middleware/foundation for other applications
  Is DCE’s biggest competition http and SSL?
    – I think it is
13
Standards: System M’gment
  System management is the Next Big Area for innovation
    – (I may be late, judging from the Compaq/Microsoft/CA/HP announcements this week)
  Management of infrastructure using the infrastructure itself
    – Security would be nice
14
Standards: Trust Delegation
  Nobody is really paying attention to this yet
    – Certificates are a tool for building it but are groping slowly in that direction
  Foundation/middleware such as DCE should take it into account
    – It must be manageable (and management must also support trust delegation)
15
How do we Improve?
  Infrastructure
  Self-Diagnosis
  Management
16
Improve: Infrastructure
  We are in a maze of little fiddly infrastructure protocols, all different
    – RPC/ONC/SMB/HTTP/SSL
    – IPSEC/SOCKS
    – ….ad nauseam
  The biggest single security improvement we can make is to adopt a common secure foundation
17
Improve: Self-Diagnosis
  Software and systems are never going to get less complex
  Therefore they must grow better at managing complexity
    – Which means improved self-diagnosis
  Are systems like DCE easy enough to deploy that my mother could do it?
18
Improve: Management
  We need
    – Security protocols that are manageable
    – Management protocols that are secure
  Can DCE be managed by an office secretary?
  It is management hassles that are making NT take over the desktop
    – It’ll have its own problems
19
Improve: Strong Foundations
  New applications need to be able to rely on foundation communications libraries that include:
    – Access control (firewalling)
    – Privacy policy (VPN)
    – Identity and Authorization (authentication and permissions databases)
  Can DCE help?
20
DCE a Player?
  No
  Yes
21
No
  Outside of a select circle, DCE is almost completely unknown
  DCE’s competitors are smaller, faster, and more reactive to industry requirements
    – The “fast frog syndrome”
  Too many vendor interests hamper ability to react (what about the Web?)
22
Yes
  You tell me
23
Conclusions
  Reactivity
  Foundations
24
Conclusions: Reactivity
  Ability to rapidly react to changing market reality will make or break any technology currently being deployed
    – Whether it’s good or not is irrelevant as long as it’s tailorable and works by next week
25
Conclusions: Foundations
  The big challenge is to get DCE leveraged into the foundations of some kind of “killer app”
    – It must be simple to manage
    – It must be cheap
    – It must be lightweight (for NT desktops)
26
Summary
  Good luck!