Stronger than the weakest link
Network World, 02/15/99
It is an old maxim that a chain is only as strong as its weakest link.
This assumption has long guided the understanding of computer and
network security. But this and a number of long-held assumptions are
challenged by a recent publication issued at the behest of the U.S.
The National Research Council (NRC) has published the results of
another one of its panels looking into various aspects of our changing
This recent NRC volume, "Trust in Cyberspace" (ISBN
0-309-06558-5), is the result of a 14-member committee that started
meeting in June 1996. The committee was appointed by the NRC in
response to a request from the Defense Advanced Research Agency
and the National Security Agency. The study was designed, in the
words of the report, "to assess the nature of information systems
trustworthiness and the prospects for technology that will increase
For the fiscally challenged, the NRC has also put this report on the
World Wide Web at www.nap.edu/readinroom/books/trust/ .
The report notes: "It is easy to build a system that is less trustworthy
than its least trustworthy component. The challenge is to do better: to
build systems that are more trustworthy than even their most
trustworthy components." The report then provides some general
guidelines on ways to amplify system reliability and security. There
are a number of chapters in this report, such as "Trustworthy Systems
from Untrustworthy Components" mentioned above, that are valuable
in their own right. But the mission of NRC committees is to provide
specific recommendations for government action, especially in the
area of government-funded research.
The committee investigated not only the effects of malicious attacks
by people who want to disrupt network operations, but also the effects
of accidental misconfigurations of network components and the
impact of environmental factors such as fibertropic backhoes.
The conclusions and research recommendations section of the report
does not present all that reassuring a picture. The current national
network infrastructure, comprising the public telephone network and
the Internet, is not well-positioned for security and reliability.
The report points out a number of vulnerable areas and makes several
specific recommendations for research that would help to enable the
creation of more secure and reliable networks in the future.
There is a possibility that networks in the future can be made more
reliable and secure than those with which we are currently dealing.
But if that happens, it will be in spite of the market forces that are
reshaping our telecommunications world and not because of them. In
fact, it could be because of the research recommended in this report.
Disclaimer: Harvard's relationship to market forces is tenuous, so the
above must be my observations.