The Security Risks of Modern Distributed Systems

By Tom Welsh, Senior Consultant, Cutter Consortium

Cutter looks at the need to build and integrate security systems into the ever-growing numbers of computers and networks used by small and large enterprises.

November 09, 2005, CSO

In recent years an increasing number of enterprises have come to rely heavily on computer systems; indeed many (such as airlines, banks, manufacturers, retailers, and most branches of government) could not function at all without them. Thanks to the ever-improving price and performance of hardware, it has become cost-effective to deploy computers in more diverse and ubiquitous roles and to address an expanding variety of business problems through the application of computing power and bandwidth.

However, IT security has been dangerously neglected, with the result that the imposing edifice of today's computing infrastructure may turn out to be built on sand. This is partly due to the inherent limitations of distributed computing. To a much greater extent, though, it is because most organizations that design, create, sell, and use IT systems have been content to adopt a purely reactive attitude toward security.

The Internet, on which the great majority of modern distributed systems are based, is in a real sense intrinsically insecure. In its early days (as the Advanced Research Projects Agency Network, or ARPANET), all users were trusted, so it was never an objective to provide strong defenses against subversion from the inside. None of the changes made since, not even Internet Protocol Version 6 (IPv6), has materially changed this situation. Moreover, there are so many different kinds of portable, pluggable, and embedded computer devices on the market that traditional perimeter defense using firewalls can no longer provide adequate levels of security. The resulting state of affairs has been memorably summed up by Gene Spafford, professor of computer science at Purdue University:

"Secure Web servers are the equivalent of heavy armored cars. The problem is, they are being used to transfer rolls of coins and checks written in crayon by people on park benches to merchants doing business in cardboard boxes from beneath highway bridges. Further, the roads are subject to random detours, anyone with a screwdriver can control the traffic lights, and there are no police." [1]

Only when viruses began to rampage across the Internet and attackers stole customer details by the truckload did corporations start thinking about countermeasures. All too often it is only when an enterprise itself, or a markedly similar one such as a competitor or partner, finds its business badly harmed that it begins to think seriously about security. By then, however, it is too late to get the best results. Excellent security cannot be added on as a "bag on the side" (as engineers say). It has to be built into architectural designs right from the start.
