Elon University

Where is the Digital Highway Really Heading? The Case for a Jeffersonian Information Policy

The cable industry has the daring and the wherewithal to bring this about, but it does not have the technical culture or experience … Telephone companies, which have long prided themselves on engineering expertise, also recognize they do not have all of the necessary talents to develop viable broadband networks … More alliances are inevitable as the players jockey for position to form teams with the critical mass of skills and resources to open up new markets.

Where is the Digital Highway Really Heading? The Case for a Jeffersonian Information Policy

Network architecture will be capable of carrying hundreds of channels of programming into every home, as well as custom programs selected by individual households. If the networks are engineered properly, every subscriber should be able to view a different program, even if all are watching at the same time. Initially, almost all of the bandwidth will be used to bring signals into the home, with very little being used to carry traffic back “upstream.” With proper upgrades, a hybrid network will also be capable of accepting and switching telephone traffic. Over time, the network can be expanded to support full two-way communication applications like video telephony.

Where is the Digital Highway Really Heading? The Case for a Jeffersonian Information Policy

Tomorrow’s broadband networks will be hybrids of fiber optics, coaxial cable, and copper wire. With some modification to the existing infrastructure, hybrid networks can deliver a full range of high-bandwidth interactive services at a fraction of the cost of fiber to the home. Digital compression, storage, and transmission will reduce the cost of rewiring a neighborhood to a manageable burden.

Introduction

Encryption is often touted as the ultimate weapon in the computer security wars. It is not. It is certainly a valuable tool, but it, like everything else, is a tool toward an ultimate goal. Indeed, if encryption is used improperly, it can hurt the real goals of the organization.

Introduction

We recommend using firewalls to protect networks. We define a firewall as a collection of components placed between two networks that collectively have the following properties: All traffic from inside to outside, and vice-versa, must pass through the firewall; only authorized traffic, as defined by the local security policy, will be allowed to pass; the firewall itself is immune to penetration.

Introduction

If the intruder can compromise the system, he or she will be able to attack other systems, by taking over either root, and hence the system’s identity, or some user account. It might seem that we are unduly pessimistic about the state of computer security. This is half-true: we are pessimistic, but not, we think, unduly so. Nothing in the recent history of either network security or software engineering gives us any reason to believe otherwise. Nor are we alone in feeling this way.

Chapter 14: Where Do We Go From Here?

The advent of mobile computing will also stress traditional security architectures. We see this today, to some extent, with the need to pass X11 through the firewall. It will be more important in the future. How does one create a firewall that can protect a portable computer, one that talks to its home network via a public IP network? Certainly, all communication can be encrypted, but how is the portable machine itself to be protected from network-based attacks? What services must it offer, in order to function as a mobile host? What about interactions with local facilities, such as printers or disk space?

Chapter 14: Where Do We Go From Here?

We expect cryptography to become more common in the future. While this will reduce or eliminate certain classes of attacks – picking up passwords by monitoring a LAN will be impossible, as will most forms of address impersonation – new problems will arise. Key servers, for example, will need to be very secure. Password-guessing attacks may even become easier if the servers aren’t designed properly. From an organizational perspective, name space planning needs to start now. A scheme that today suffices to identify a relative handful of users with cryptographic keys may not scale to an arena where there are millions of key-holders.

Chapter 14: Where Do We Go From Here?

Some changes may be forced by the transition of the Internet to a new version of IP, the so-called “IPng.” As of this writing, there are still several candidate protocols, but one of them requires a form of source-routing as an integral part of its design. If this protocol is selected, all address-based authentication mechanisms will become insecure; cryptographic authentication will become utterly essential. This is probably good, but the transition process will be painful. In particular, if the Internet deploys translation gateways as a conversion aid, organizations with firewalls will probably need their own translator to accommodate the internal process.

Chapter 14: Where Do We Go From Here?

Changes in networking and computing technology will affect security architectures in the future. Consider, for example, how to construct a firewall that will accommodate gigabit-per-second data streams. Only the fastest computers will even be able to receive data at such rates, but if some of your users have such machines, and need that type of bandwidth, you will need an architecture or a policy that can keep up with them.