Distributed Computing Security
Today's state of the art in computer and software security is dismal. The main reason is that most companies do not have a deep enough understanding of the serious technical risks to make intelligent decisions about reducing those risks. In addition, many companies become wrapped up in the fear, uncertainty and doubt spread by unscrupulous security vendors. Often, companies not only buy inferior solutions from these vendors, they also "buy in" to the information the vendors provide. This combination of a lack of in-house expertise and reliance on vendor hype can be dangerous.
In addition to cyptography, which many companies are already using to protect data traveling over insecure mediums (such as the Internet), the following steps should be taken to prevent attackers from reading your data:
1. Make sure the software system is robust and free of exploitable security vulnerabilities.
2. Secure applications from network-based attacks.
3. Limit access to machines that are important to your enterprise to only those people who absolutely need access to keep the enterprise running smoothly.
The best approach to writing secure software is to design security into the system from the ground up, as opposed to "bolting it on" as an afterthought. The right model includes identifying security requirements at the beginning of a new development and applying good software engineering principles to the design and implementation.
Once the requirements have been defined and the system has been specified, but before the system is actually implemented, a thorough risk analysis should be performed on that specification. The analysis should try to characterize the types of attacks that might be carried out on the system, as well as any other potential threat the system may face. For maximum effectiveness, you may wish to defer to outside security experts for performing such a risk analysis.
Securing your computers from network attacks is somewhat easier than writing securing software. Techniques include ensuring that the machine itself does not suffer from security vulnerabilities at the operating system level and avoiding running third-party applications on mission-critical servers if possible (they may contain exploitable security flaws). Firewalls are good at keeping many hackers out of your network. However, you should not rely on this technology as a guaranteed solution; many of the best hackers consider firewalls a mere nuisance. In addition, you can easily avoid one of the biggest security problems: people with legitimate access to a machine setting passwords that can easily be guessed. System administrators must restrict people from setting passwords that are too easy to guess, such as words in a dictionary or expletives.
It has been said that the most secure computer is one buried in a vault under 50 feet of concrete, suggesting that gaining security assurance generally means sacrificing functionality. And most companies can only give so much. However, just because total assurance in the security of your system is unlikely doesn't mean you should leave your computers sitting unprotected on a busy street corner -- which is more or less what occurs when companies fail to make Internet-enabled applications highly security conscious.
About the Authors: John Viega is a research associate at Reliable Software Technologies, in Sterling, Va.
Jeffrey Voas is the Corporate Vice President and Chief Scientist at Reliable Software Technologies.