New security ideology - perimeter security...

Talk about internet security, computer security, personal security, your social security number...
Post Reply
luntrus
Senior Member
Posts: 237
Joined: Sat Mar 21, 2009 6:29 pm

New security ideology - perimeter security...

Post by luntrus »

Hi forum friends,

Traditionally security models are structured around the ports where hackers may attack -there firewalls, Network Intrusion Detection, Network Access Controls and similar software (Threatfire,pktfltr. etc.) are used to keep an eye on what goes on at the access ports of the computer to see what threats may come in from the ugly world out. But this traditional outward protection, does it help much? In the other model we do not watch the borders but guard the source against outward manipulation and help in the cloud security so it can be better set and checked and handled.

It seems weird in stead of checking ports, keyholes and walls to tear them down, the user now should feel quite naked when such a thing happens. To have full security under such circumstances one may choose for a very robust data level classification combined with access control and/or cryptography and key-managment.

Deperimeterisation compared with traditional security traditions so is radically different. For users it means adhering another ideology. The benefits are many. It fundamentally changes the way information is being shared. But mind you when one does it the wrong way the results can be utterly disastrous.

A solution is effective when cryptographic solutions are being used effectively to protect data. Keymanagement does play a major role here, because we handle quite some interrelations (rights, trust, users, groups, members, trusted members). Look how to handle these relations to a program like Public Key Infrastructures (PKI): http://nl.wikipedia.org/wiki/Public_key_infrastructure
Mentioned technique can make cryptography scalable like no other.

Tools for access control, whether they are found to hide inside the access layer (for applications) or inside the management console (for larger user populations) are also to play an essential role where access control is concerned, we mean to determine who has access to what secured data and who has not,

luntrus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.3 (KHTML, like Gecko) Iron/4.0.227.0 Chrome/4.0.227.0 Safari/532.3
dhouwn
Bug Buster
Posts: 968
Joined: Thu Mar 19, 2009 12:51 pm

Re: New security ideology - perimeter security...

Post by dhouwn »

Is this post really from luntrus? Why is he writing about PKI but not signing his post? Why is he linking to a nederlandse Wikipedia entry? Why is his user agent indicating that he was using Iron to write this? Questions upon questions…

SCNR, to be removed after correction.
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2b5) Gecko/20091204 Firefox/3.6b5
User avatar
therube
Ambassador
Posts: 7924
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: New security ideology - perimeter security...

Post by therube »

It is just the manner in which he does these things.

Most often simply quoted material with no link.
Most often not really a question for discussion or a question for which he is necessarily looking for an answer to, but more just to point out "news".

It is just the manner in which he does these things :-).
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.6) Gecko/20091206 SeaMonkey/2.0.1
Tom T.
Field Marshal
Posts: 3620
Joined: Fri Mar 20, 2009 6:58 am

Re: New security ideology - perimeter security...

Post by Tom T. »

dhouwn wrote:Is this post really from luntrus?
It's from the same IP that he's used for 229 more of his total 237 posts, so I'd say, yes.
Why is he writing about PKI but not signing his post?
He signed it. It says "luntrus" at the bottom. Sometimes he's added an a/k/a, but not here.
Why is he linking to a nederlandse Wikipedia entry?
Um, because he's from the Netherlands? :o
Why is his user agent indicating that he was using Iron to write this?
As therube said, luntrus often passes on news items of general interest to the security community, not just to the Fx or NS community. At one time, he was affiliated with a certain anti-virus vendor, which definitely gives an inside track on such things. Haven't spoken with him in a while, so don't know if that's still the case.
Questions upon questions…
All answered, I hope.
SCNR, to be removed after correction.
What does that mean? ... n/m, Scroogled it. No apology needed. If one didn't know luntrus well, or have access to Mod info (IP, etc.), I can understand why it would look suspicious. ... remove or not as you wish, but no harm done. :)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.24) Gecko/20111103 Firefox/3.6.24
Post Reply