Firewall Wizards mailing list archives
The Mathematics of Relative Security
From: Chris Pugrud <chris () pugrud net>
Date: Mon, 20 Sep 2004 10:06:17 -0700 (PDT)
In attempting to evaluate the relative security and exposure of interconnected subsets of computers there is a distinct shortage of language and tools to algorithmically evaluate the risks between those groups. Set theory and discrete mathematics give us a good foundation to evaluate the risk exposure between groups, but those tools only work with absolutes. A point is either a member of a set, or it isn't. If two networks are airgapped, they are logically and provably separate. If two groups are joined with a "firewall" policy of "permit ip any any" they are logically and obviously joined, with the grouping inheriting the policy and exposure of the weakest member(s).

There is nothing to take into account one-way transactions, as TCP permits, other than to wave a wand over distinctive sets. If two sets can initiate communication into the intersection, but the intersection cannot initiate communication out, then the sets can, observably, be shown to be disjoint, outside of the intersection.

All of this noticeably falls apart in the real world, where we have to allow selected ports to cross boundaries with minimal controls. How many ports necessitate a union, and should some ports be allowed higher weight than others? Can it be convincingly argued that port 135 carries a measurably higher risk than port 123, or application IIS over the innumerable incarnations of application Apache (with which extensions, options, and controls included?) on port 80?

I know I'm not the first person to evaluate these issues, or to initiate this conversation in this group. I think that this is fundamentally possible at a higher level, only looking at connections and direction, and provably unsolvable at the lowest levels of ports and protocols (reducibility to the halting problem). I'm searching for the people here who have already done some of the heavy lifting and can at least point me in the right direction to enable some more quantifiable analysis of highly complex security environments.
Let me know,
Chris

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
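As an added illustration of the sets-and-direction view sketched in the post above (example code, not part of Chris's message): zones are nodes, "may initiate a connection to" is a directed edge, zones joined by an any-any policy collapse into one set that inherits its weakest member's exposure, and a one-way intersection leaves its two sides disjoint. The zone names, policies and exposure scores are constructed for the example.

```python
"""Model of the post's set-theoretic view of zone exposure.  Edges are
'may initiate a connection to'; reachability is taken transitively."""

def reachable(policy, src):
    """All zones src can initiate to, directly or through intermediate zones."""
    seen, stack = {src}, [src]
    while stack:
        z = stack.pop()
        for nxt in policy.get(z, ()):
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return seen

def joined(policy, a, b):
    """Two zones are effectively one set when each can initiate to the other."""
    return b in reachable(policy, a) and a in reachable(policy, b)

def groups(policy, zones):
    """Partition zones into mutually reachable groups (the post's 'union' case).
    Mutual reachability over the transitive closure is an equivalence relation,
    so comparing against one representative per group is sufficient."""
    out = []
    for z in zones:
        for g in out:
            if joined(policy, z, next(iter(g))):
                g.add(z)
                break
        else:
            out.append({z})
    return out

def group_exposure(policy, zones, exposure):
    """Each joined group inherits the exposure of its weakest (highest-scoring) member."""
    return {frozenset(g): max(exposure[z] for z in g) for g in groups(policy, zones)}

def disjoint_outside(policy, a, b, shared):
    """The post's one-way case: a and b can both initiate into `shared`, but
    `shared` cannot initiate back out, so a and b never reach each other."""
    ra, rb = reachable(policy, a), reachable(policy, b)
    return shared in ra and shared in rb and b not in ra and a not in rb

# Constructed sample: a DMZ both sides may initiate into, which cannot initiate out.
ONE_WAY = {"corp": {"dmz"}, "partner": {"dmz"}, "dmz": set()}
# Constructed sample: a "permit ip any any" firewall between corp and lab.
ANY_ANY = {"corp": {"lab"}, "lab": {"corp"}}
# Constructed exposure scores (higher = more exposed).  The post argues these
# cannot be derived rigorously from ports, so they are an input assumption here.
EXPOSURE = {"corp": 1, "dmz": 5, "partner": 3, "lab": 4}
```

With ONE_WAY, corp and partner stay separate sets outside the shared DMZ; with ANY_ANY, corp and lab become one group scored at lab's exposure.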
Current thread:
- The Mathematics of Relative Security Chris Pugrud (Sep 21)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 21)
- Re: The Mathematics of Relative Security Chris Pugrud (Sep 22)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 27)
- Re: The Mathematics of Relative Security Mark Tinberg (Sep 27)
- Re: The Mathematics of Relative Security R. DuFresne (Sep 30)
- Re: The Mathematics of Relative Security Chris Pugrud (Sep 22)
- Re: The Mathematics of Relative Security Adam Shostack (Sep 27)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 21)
- Re: The Mathematics of Relative Security John Adams (Sep 22)