Firewall Wizards mailing list archives
Re: The Mathematics of Relative Security
From: Chris Pugrud <chris () pugrud net>
Date: Tue, 21 Sep 2004 12:28:15 -0700 (PDT)
--- Crispin Cowan <crispin () immunix com> wrote:
> More succinctly, if you ask the question "am I secure?" in a highly rigorous fashion, the likely answer is "Hell no" :)
This is distinctly the intuitively obvious answer. The more rigorous answer is that only insecurity can be proven; testing security reduces to the halting problem.

1. Test security
2. If you find a problem, stop, the system is insecure
3. If you run out of tests, get more, you obviously missed something
4. Return to 1

I'm wondering more if the problem can be reduced to a simple enough model that it is both rigorous and meaningful. It is easy to prove the relative security of networks that are air-gapped. They enjoy absolute relative security because there is no connection between them.

TCP also introduces a wrinkle that is not easily covered by the set theory I have learned, or I'm missing something: the concept of one-way membership. If a "firewall" sits between A and B and enforces the rule that says A can initiate to B, but B can not initiate to A, then A is relatively secure with respect to B while B is fully exposed to A. Now expand this to include C, the DMZ that sits between them (exercise left to the reader to save space). You start to learn more about why DMZs work and why they fail (or really fail when violated). I know that the concepts are obvious to reasonable

Once this is fleshed out you land into the rather thorny issue of highly restricted but not absolute boundaries. What effect does opening up another port on the firewall have? I think it's silly to walk down this road until the simplest model is rigorously fleshed out. What is intuitively obvious, the relative security when the interactions of three domains are analyzed, is much harder to analyze when you are talking about complex compartmentalized systems that have many domains and non-intuitive boundaries.

Good reading, thank you for the links,

Chris

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
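The "one-way membership" model in the post above (A may initiate to B but not the reverse), the three-domain DMZ case it leaves as an exercise, and the "what happens when I open another port" question can all be worked through with a small directed-reachability model. The following is an added example written for this archive page; it is not code from the original message or from either of its authors. The domain labels (`A`, `B`, `internet`, `dmz`, `internal`) and the DMZ policy (internet may initiate to the DMZ, the internal network may initiate to the DMZ and to the internet, nothing may initiate into the internal network) are constructed assumptions, not a description of any real network.

```python
"""Relative security as directed reachability between domains.

A policy maps each domain to the set of domains it is allowed to *initiate*
connections to.  Exposure of a domain X is the set of domains that can reach X,
directly or through a chain of permitted hops: a compromise anywhere in that
set can reach X.  X is relatively secure with respect to Y iff Y is not in the
exposure of X.  (Hypothetical model written for this page, not the post's own.)
"""
from typing import Dict, Set

Policy = Dict[str, Set[str]]


def _reverse(policy: Policy) -> Dict[str, Set[str]]:
    """Build dst -> {src} so we can walk 'who may initiate to me' backwards."""
    rev: Dict[str, Set[str]] = {}
    for src, dsts in policy.items():
        for dst in dsts:
            rev.setdefault(dst, set()).add(src)
    return rev


def exposure(policy: Policy, target: str) -> Set[str]:
    """Domains that can reach `target` via one or more permitted initiations.

    The target itself is never listed, even if a cycle leads back to it."""
    rev = _reverse(policy)
    seen: Set[str] = set()
    frontier = [target]
    while frontier:
        cur = frontier.pop()
        for src in rev.get(cur, set()):
            if src != target and src not in seen:
                seen.add(src)
                frontier.append(src)
    return seen


def relatively_secure(policy: Policy, a: str, b: str) -> bool:
    """a is relatively secure with respect to b iff b cannot reach a."""
    return b not in exposure(policy, a)


def add_rule(policy: Policy, src: str, dst: str) -> Policy:
    """Return a copy of `policy` with one extra permitted initiation src -> dst
    (the 'open another port on the firewall' operation from the post)."""
    new = {k: set(v) for k, v in policy.items()}
    new.setdefault(src, set()).add(dst)
    new.setdefault(dst, set())
    return new


def exposure_delta(policy: Policy, src: str, dst: str) -> Dict[str, Set[str]]:
    """For each domain whose exposure grows when src -> dst is permitted,
    report the newly added reachers.  Empty dict means the rule changed nothing
    about who can reach whom."""
    after = add_rule(policy, src, dst)
    delta: Dict[str, Set[str]] = {}
    for d in after:
        gained = exposure(after, d) - exposure(policy, d)
        if gained:
            delta[d] = gained
    return delta


# Constructed two-domain policy from the post: A may initiate to B, B may not
# initiate to A.  B is fully exposed to A; A is relatively secure w.r.t. B.
TWO_DOMAIN: Policy = {"A": {"B"}, "B": set()}

# Constructed three-domain DMZ policy (an assumption, not from the post):
# internet -> dmz, internal -> dmz, internal -> internet, nothing -> internal.
DMZ_POLICY: Policy = {
    "internet": {"dmz"},
    "internal": {"dmz", "internet"},
    "dmz": set(),
}

if __name__ == "__main__":
    print("exposure(B) =", exposure(TWO_DOMAIN, "B"))       # {'A'}
    print("exposure(A) =", exposure(TWO_DOMAIN, "A"))       # set()
    for d in DMZ_POLICY:
        print(f"DMZ model: exposure({d}) =", exposure(DMZ_POLICY, d))
    # A "violated" DMZ: the DMZ host may now initiate into the internal network.
    print("delta if dmz -> internal is permitted:",
          exposure_delta(DMZ_POLICY, "dmz", "internal"))
```

Running the three-domain model shows the property the post points at: with the DMZ intact, `internal` has an empty exposure set, so it is relatively secure with respect to both `internet` and `dmz`. Permitting the single rule `dmz -> internal` does not just expose `internal` to `dmz`; because `internet` can reach `dmz`, `exposure_delta` reports that `internet` is now transitively in `internal`'s exposure set as well. That transitive growth is the mechanism behind "really fail when violated", and `exposure_delta` is the check to run before any proposed rule change in the simplest version of the model.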
Current thread:
- The Mathematics of Relative Security Chris Pugrud (Sep 21)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 21)
- Re: The Mathematics of Relative Security Chris Pugrud (Sep 22)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 27)
- Re: The Mathematics of Relative Security Mark Tinberg (Sep 27)
- Re: The Mathematics of Relative Security R. DuFresne (Sep 30)
- Re: The Mathematics of Relative Security Chris Pugrud (Sep 22)
- Re: The Mathematics of Relative Security Adam Shostack (Sep 27)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 21)
- Re: The Mathematics of Relative Security John Adams (Sep 22)