
Network-Operating System Interaction

Currently, a great number of security protocols for network communication exist. These protocols are well known and assumed to be correct and secure. Nevertheless, different protocols have to be used in a typical environment. This leads to problems of interaction between the protocols (for example, creating different public keys for similar protocols). Furthermore, some of the services may be redundant. The authors state that, ultimately, security services should be another parameter in a quality-of-service negotiation, taking into account, among other things, the delays caused by encryption. Another challenge is mobility. Both mobile users (users working within groups with different security requirements) and mobile computers (computers which might be connected to different groups) raise new security issues. Before computers were connected by networks, all necessary security information could be stored locally on each computer. Now, many services are executed either in different places within an operating system or even on different computers. Managing security information is therefore an important issue: a system can only be as secure as the storage of its security information.

Tim Wellhausen