I've been looking at a lot of different technical security architectures for network providers. Obviously many providers keep their security secret, so they may or may not have a decent security architecture. Nevertheless there is still a lot of good information available from government agency networks, academics and vendors.

The best network service provider security architecture document

First Place: Information Assurance Technical Framework
Second Place: The ESNET unclassified Security Plan
Third Place: University of Washington Network Security Credo

From the IATF document http://www.iatf.net/

5.1 Availability of Backbone Network

I would disagree about item #3: IP is a datagram service, and does not protect against delay or packet drops (see item #1). Otherwise this is a decent list of functional security requirements for most Internet backbone providers. It's short, but covers the big items.

1. BNs must provide an agreed level of responsiveness, continuity of service and resistance to accidental or intentional corruption of the communications service. (The agreement is between the owners of the network and the users of the network.)
2. BNs are not required to provide security services of user data (such as confidentiality and integrity); that is the user's responsibility.
3. BNs must protect against the delay, misdelivery, or nondelivery of otherwise adequately protected information.
4. BNs, as a part of the end-to-end information transfer system, must provide the service transparently to the user.
5. As part of the transparency requirement, the BN must operate seamlessly with other backbones and local networks.
I absolutely agree with Item 3. Sure, IP itself doesn't protect against those things, but if a BN doesn't provide service without delay, misdelivery, or nondelivery of otherwise adequately protected information (valid packets), then the BN isn't very useful.

If I met all the other criteria here, but blackholed half the traffic, my BN wouldn't be very good.

Owen

--On Tuesday, January 21, 2003 15:07 -0500 Sean Donelan <sean@donelan.com> wrote:
I've been looking at a lot of different technical security architectures for network providers. Obviously many providers keep their security secret, so they may or may not have a decent security architecture. Nevertheless there is still a lot of good information available from government agency networks, academics and vendors.
The best network service provider security architecture document
First Place: Information Assurance Technical Framework
Second Place: The ESNET unclassified Security Plan
Third Place: University of Washington Network Security Credo
From the IATF document http://www.iatf.net/
5.1 Availability of Backbone Network
I would disagree about item #3: IP is a datagram service, and does not protect against delay or packet drops (see item #1). Otherwise this is a decent list of functional security requirements for most Internet backbone providers. It's short, but covers the big items.
1. BNs must provide an agreed level of responsiveness, continuity of service and resistance to accidental or intentional corruption of the communications service. (The agreement is between the owners of the network and the users of the network.)
2. BNs are not required to provide security services of user data (such as confidentiality and integrity); that is the user's responsibility.
3. BNs must protect against the delay, misdelivery, or nondelivery of otherwise adequately protected information.
4. BNs, as a part of the end-to-end information transfer system, must provide the service transparently to the user.
5. As part of the transparency requirement, the BN must operate seamlessly with other backbones and local networks.
If you have done a good job negotiating Item 1, item 3 is redundant. On the other hand, if you have chosen a crappy backbone in Item 1, using VPN/SSL/whatever to secure your packets won't help delay or nondelivery of packets.

On Tue, 21 Jan 2003, Owen DeLong wrote:
I absolutely agree with Item 3. Sure, IP itself doesn't protect against those things, but if a BN doesn't provide service without delay, misdelivery, or nondelivery of otherwise adequately protected information (valid packets), then the BN isn't very useful.
If I met all the other criteria here, but blackholed half the traffic, my BN wouldn't be very good.
Owen
--On Tuesday, January 21, 2003 15:07 -0500 Sean Donelan <sean@donelan.com> wrote:
I've been looking at a lot of different technical security architectures for network providers. Obviously many providers keep their security secret, so they may or may not have a decent security architecture. Nevertheless there is still a lot of good information available from government agency networks, academics and vendors.
The best network service provider security architecture document
First Place: Information Assurance Technical Framework
Second Place: The ESNET unclassified Security Plan
Third Place: University of Washington Network Security Credo
From the IATF document http://www.iatf.net/
5.1 Availability of Backbone Network
I would disagree about item #3: IP is a datagram service, and does not protect against delay or packet drops (see item #1). Otherwise this is a decent list of functional security requirements for most Internet backbone providers. It's short, but covers the big items.
1. BNs must provide an agreed level of responsiveness, continuity of service and resistance to accidental or intentional corruption of the communications service. (The agreement is between the owners of the network and the users of the network.)
2. BNs are not required to provide security services of user data (such as confidentiality and integrity); that is the user's responsibility.
3. BNs must protect against the delay, misdelivery, or nondelivery of otherwise adequately protected information.
4. BNs, as a part of the end-to-end information transfer system, must provide the service transparently to the user.
5. As part of the transparency requirement, the BN must operate seamlessly with other backbones and local networks.
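An added example, not part of the thread, that makes the two points argued above concrete: item 1's "agreed level" is modelled as a set of thresholds, and item 3's delay, misdelivery and nondelivery are measured per packet from probe records. The same probe run then passes or fails depending only on what was negotiated, and nothing in the check looks at the payload, so wrapping traffic in a VPN or SSL could not change the outcome. The probe records, threshold values and the names Probe, SLA and evaluate are all assumptions constructed for this example.

```python
"""Check a backbone's delivery against a negotiated service level.

Added example, not from the mailing-list thread. Models IATF 5.1 items 1
and 3: item 1 as an SLA of agreed thresholds (hypothetical numbers),
item 3 as per-packet delay, misdelivery and nondelivery measured from
probe records. The probe records below are constructed; real ones would
come from active probes at both edges of the backbone (one-way delay
needs synchronised clocks; otherwise measure round-trip time instead).
"""
import math
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Probe:
    seq: int                    # sender's sequence number
    sent_ms: float              # send timestamp (ms)
    recv_ms: Optional[float]    # receive timestamp (ms); None = never arrived
    dst: str                    # destination the sender addressed
    arrived_at: Optional[str]   # where the probe was actually observed


@dataclass(frozen=True)
class SLA:
    """The 'agreed level' of item 1, expressed as thresholds (hypothetical)."""
    max_loss_ratio: float       # bounds nondelivery
    max_misdelivered: int       # bounds misdelivery
    max_p95_delay_ms: float     # bounds delay


def percentile(values, p):
    """Nearest-rank percentile of a non-empty list; p in (0, 100]."""
    ordered = sorted(values)
    rank = max(1, math.ceil(p / 100.0 * len(ordered)))
    return ordered[rank - 1]


def evaluate(probes, sla):
    """Return delivery metrics plus the list of SLA clauses they violate.

    Nothing here inspects the payload: encrypting it (VPN, SSL) changes
    none of these numbers, which is the point made in the thread.
    """
    total = len(probes)
    lost = [p for p in probes if p.recv_ms is None]
    misdelivered = [p for p in probes
                    if p.recv_ms is not None and p.arrived_at != p.dst]
    good = [p for p in probes
            if p.recv_ms is not None and p.arrived_at == p.dst]
    delays = [p.recv_ms - p.sent_ms for p in good]

    report = {
        "total": total,
        "lost": len(lost),
        "loss_ratio": len(lost) / total if total else 1.0,
        "misdelivered": len(misdelivered),
        "delivered": len(good),
        "p50_delay_ms": percentile(delays, 50) if delays else None,
        "p95_delay_ms": percentile(delays, 95) if delays else None,
        "violations": [],
    }
    if report["loss_ratio"] > sla.max_loss_ratio:
        report["violations"].append("nondelivery")
    if report["misdelivered"] > sla.max_misdelivered:
        report["violations"].append("misdelivery")
    if report["p95_delay_ms"] is None:
        report["violations"].append("no probes delivered")
    elif report["p95_delay_ms"] > sla.max_p95_delay_ms:
        report["violations"].append("delay")
    return report


# Constructed probe run: 10 packets from edge A to edge B, with two drops,
# one probe that surfaced at edge C instead, and one badly delayed packet.
SAMPLE_PROBES = [
    Probe(1, 0, 12, "B", "B"),
    Probe(2, 10, 21, "B", "B"),
    Probe(3, 20, None, "B", None),   # dropped
    Probe(4, 30, 45, "B", "B"),
    Probe(5, 40, 49, "B", "C"),      # misdelivered
    Probe(6, 50, 63, "B", "B"),
    Probe(7, 60, 130, "B", "B"),     # delayed
    Probe(8, 70, 81, "B", "B"),
    Probe(9, 80, 92, "B", "B"),
    Probe(10, 90, None, "B", None),  # dropped
]

# Two hypothetical agreements applied to the same backbone run.
STRICT_SLA = SLA(max_loss_ratio=0.01, max_misdelivered=0, max_p95_delay_ms=50)
LENIENT_SLA = SLA(max_loss_ratio=0.25, max_misdelivered=1, max_p95_delay_ms=100)


if __name__ == "__main__":
    for name, sla in (("strict", STRICT_SLA), ("lenient", LENIENT_SLA)):
        print(name, evaluate(SAMPLE_PROBES, sla))
```

Against the strict agreement the run violates all three clauses (20% loss, one packet seen at the wrong edge, a 95th-percentile delay of 70 ms); against the lenient one the identical run is compliant, which is why the delay, misdelivery and nondelivery of item 3 only mean something once the level in item 1 has been fixed.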
participants (2)
- Owen DeLong
- Sean Donelan