Security and Symmetry

by Richard Veryard

Phil Wainewright asks

Are we honestly supposed to believe it was a co-ordinated denial-of-service attack that brought down a demonstration application on Sun’s much-touted pay-as-you-go Grid service on the day of its launch this week?

Phil suggests that two explanations are equally plausible – one in terms of security and one in terms of unanticipated levels of demand – since these two explanations might both generate pretty much the same outcome.

In a symmetric world, there is a clear distinction between genuine customers and hostile attackers – and the task of security is to tell them apart and keep them apart. We can easily separate security from marketing, because there is no interference between these two activities. We can install perimeter-based security, which prevents bad people from accessing our services.

In an asymmetric world, this distinction (and the deconfliction between marketing and security) breaks down. This asymmetry is one of the key drivers for the current interest in deperimeterization, as promoted by the Jericho Forum.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.