Next: Risk Reduction
Up: DARPA/NSA/DISA Joint Technology Office:
Currently, a great number of security protocols for network
communication exists. These protocols are well-known and assumed to
be correct and secure. Nevertheless, in a typical environment
different protocols have to be used. This leads to problems of
interaction between the protocols (creating different publics keys
for similar protocols, etc.). Furthermore, some of the services may
be redundant. The authors state that ultimately, security services
should be another parameter in a quality of service negotiation,
taking into account the delays for encryption, etc.
Another challenge is mobility. Both mobile users (users working
within groups with different security requirements) and mobile
computers (computers which might be connected to different groups)
raise new issues of security.
Before computers were connected with networks, all necessary security
information could be stored locally on the computers. Now, many
services are executed either in different places in an operating
system or even on different computers. Thus, managing security
information is an important issue: A system can only be as secure as
secure the security information is stored.