View previous topic :: View next topic |
Author |
Message |
binhnn Just Arrived
Joined: 08 Apr 2003 Posts: 0
|
Posted: Tue Apr 08, 2003 12:22 pm Post subject: Security for Active Network |
|
|
Active network is a novel approach toward new network architectures. However, due to its technic of enabling programming environment, it faces with some security issue.
I am doing some research to discush these issues and solve some related problems. If you are interested in this field, please let me know so we can exchange useful information.
Regards,
Nguyen Nhat Binh
|
|
Back to top |
|
|
ShaolinTiger Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777215 Location: Kuala Lumpur, Malaysia
|
Posted: Tue Apr 08, 2003 12:30 pm Post subject: |
|
|
I presume you are talking about Active Directory, and also we are not here to do your homework for you
If you have a specific question please ask, if you don't I suggest you do some reading/research first.
We are here for when you have exhausted all possible resources available to you.
Thanks
ST
|
|
Back to top |
|
|
binhnn Just Arrived
Joined: 08 Apr 2003 Posts: 0
|
Posted: Tue Apr 08, 2003 5:52 pm Post subject: |
|
|
Dear ShaolinTiger,
Actually not AD. If I need to do something with AD, simply get some PCs, event VMWARE, install and play around with them.
What I mention here is Active Network in which, the routers and switches can perform customized computations on the messages flowing though them.
Dual to it mechanism, we have to face with some security issues. It is not simple just as you think.
If you like answering questions, I have some for you:
1 Do you think we could bring our network at risk by enabling a programable environment?
2 What is the right life circle of developing security policy?
Best regards,
Nguyen Nhat Binh.
|
|
Back to top |
|
|
ShaolinTiger Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777215 Location: Kuala Lumpur, Malaysia
|
Posted: Tue Apr 08, 2003 6:08 pm Post subject: |
|
|
Ah ok sorry.
You really mean Active Networks, as in packet management and intelligent routing/information injection.
What area of Active Networks are you looking at?
Application-specific multicast? information fusion? or just simply leveraging network-based computation and storage.
Indeed the pace of innovation increases but so do the security risks, by decoupling network services from the underlying hardware you are allowing many more weak points into the infrastructure, you do however allow new services (including security based services) to be loaded into the infrastructure on demand.
As an answer to your questions...
1) Yes
2) Depends totally on the situation/company the policy is being designed for.
Last edited by ShaolinTiger on Tue Apr 08, 2003 6:09 pm; edited 1 time in total |
|
Back to top |
|
|
binhnn Just Arrived
Joined: 08 Apr 2003 Posts: 0
|
Posted: Wed Apr 09, 2003 11:41 am Post subject: |
|
|
Dear ST,
Thank you for answering my questions.
For the second question, my expectation is more philosophic answer like
Depends totally on the situation/company the policy is being designed for (your answer)
Analyze the need
Design the policy
Re-evaluate the risk
Plan for the next cycle
Anyway, we will discuss further more later.
Regards,
Binh.
|
|
Back to top |
|
|
binhnn Just Arrived
Joined: 08 Apr 2003 Posts: 0
|
Posted: Wed Jun 18, 2003 9:22 am Post subject: |
|
|
Now I want to discuss further more about how to develop the right solution for security.
We would follow a very strict life cycle including the following steps:
Risk analyzing
- identify assets
- assign value
- assess liabilities
Policy developing
- identify owners
- set requirements for securing data
Implementation
- select/develop technologies
- set management process
Administration
- educate users
- set procedures to minimize risks
I will discuss with you the details of each step. Note that the last step starts another life cycle rather than stops the current one.
Any suggestion will be welcome,
Nguyen Nhat Binh.
|
|
Back to top |
|
|
|