|
1 | 1 | Chapter 1: Introduction |
2 | 2 | ========================= |
3 | 3 |
|
4 | | -.. This was original the Problem Statement in the full book. |
5 | | - One thing we might do in this Introduction is talk about |
6 | | - the Internet's history, and how the original threat model |
7 | | - (or lack thereof) get us to where we are today. |
| 4 | + |
| 5 | +.. New effort from Bruce |
| 6 | +
|
| 7 | +
|
| 8 | +Security of computer systems has been a focus for system designers for |
| 9 | +as long as we have had time-shared computers. If two users can share a |
| 10 | +computer, then it is necessary to have protections in place to limit |
| 11 | +the impact one user can have on another. For example, one user should |
| 12 | +not generally be able to read the data of another user just because |
| 13 | +they run code on the same system. A multi-user system should ensure |
| 14 | +that malicious or poorly written code from one user cannot interfere |
| 15 | +with the operation of another user's programs. |
| 16 | + |
| 17 | +Computer networks are, like multi-user computers, shared |
| 18 | +resources, and similar requirements apply. One network user should not |
| 19 | +be able to interfere with another user's traffic. And in general, |
| 20 | +a user sending data across a network wants that data to be protected |
| 21 | +from unauthorised modification or eavesdropping. |
| 22 | + |
| 23 | +As we will see, the security of computer systems and the security of |
| 24 | +computer networks are closely related topics. And just as a |
| 25 | +traditional networking book needs to pay attention not only to the |
| 26 | +operation of switches and routers but also to a whole stack of |
| 27 | +software that runs in end systems, so the topic of network security |
| 28 | +demands that we look at both the devices that make up the network and |
| 29 | +the end systems that connect to it. |
| 30 | + |
| 31 | +The Internet was created to allow users in one location to |
| 32 | +access computing resources in another. Those systems had their own |
| 33 | +security measures in place. For example, if you wanted to use the Internet |
| 34 | +to log in to a remote computer, you would need to authenticate |
| 35 | +yourself to that remote system (via user name and password) before |
| 36 | +gaining access to any resources on that system. |
| 37 | + |
| 38 | +Ensuring the security of end systems does not come close to addressing the entire set of |
| 39 | +security issues that exist in a computer network. For example, an |
| 40 | +attacker with access to a link, switch or router somewhere in the network |
| 41 | +has the potential to read or modify packets passing |
| 42 | +through that point. Furthermore, by |
| 43 | +connecting computers to a global network, the opportunity to exploit |
| 44 | +vulnerabilities in the code running on those end systems is opened up |
| 45 | +to a much greater---potentially global---set of actors. |
| 46 | + |
| 47 | +Thus we can think of network security as having two main |
| 48 | +thrusts. First, we need to address the security challenges of a |
| 49 | +shared, globally distributed network. Second, we need to address the |
| 50 | +challenges of connecting end systems, which run imperfect software, to |
| 51 | +a global set of actors, some of whom are bound to be malicious. |
| 52 | + |
| 53 | +For an interesting retrospective view on system security, and some |
| 54 | +commentary on how far we still have to go, we recommend |
| 55 | +the paper on Multics from Karger and Schell. |
| 56 | + |
| 57 | +.. admonition:: Further Reading |
| 58 | + |
| 59 | + P. Karger and R. Schell. `Thirty Years Later: Lessons from the |
| 60 | + Multics Security |
| 61 | + Evaluation. <https://www.acsac.org/2002/papers/classic-multics.pdf>`__. |
| 62 | + Annual Computer Security Applications Conference (ACSAC) 2002. |
| 63 | + |
| 64 | + |
| 65 | +An early example of a security failure in the Internet serves to |
| 66 | +highlight the breadth of the challenges included in the term "network |
| 67 | +security". The Morris worm was the first large-scale attack on the |
| 68 | +Internet, launched in 1988 when the Internet was largely limited to |
| 69 | +universities and research institutions. While it was made possible by |
| 70 | +the fact that the Internet of that era generally allowed packets from any source |
| 71 | +to any destination, it was also dependent on a number of |
| 72 | +vulnerabilities in the software running on the end systems connected |
| 73 | +to the Internet. Like many future attacks, the Morris worm exploited |
| 74 | +multiple vulnerabilities, including weak or default passwords, a buffer |
| 75 | +overflow bug in a then widely-used software tool, and a security hole in |
| 76 | +the sendmail program. There is a comprehensive analysis of the worm's |
| 77 | +operation in the report from Donn Seeley written soon afterwards. |
| 78 | + |
| 79 | + Donn Seeley. `A Tour of the |
| 80 | + Worm. <http://www.cs.unc.edu/~jeffay/courses/nidsS05/attacks/seely-RTMworm-89.html>`__. |
| 81 | + |
| 82 | +What we aim to cover in this book is a systems perspective on the |
| 83 | + security of computer networks. |
| 84 | + |
| 85 | + |
| 86 | +.. from the original book - need some cleanup to splice with the above text |
8 | 87 |
|
9 | 88 | Computer networks are typically a shared resource used by many |
10 | 89 | applications representing different interests. The Internet is |
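
Review bot: The second line of the closing paragraph (new line 83, " security of computer networks.") is indented under an unindented first line, which reStructuredText parses as a definition-list item rather than a paragraph; drop the leading whitespace so the sentence renders as body text. The Donn Seeley citation at new lines 79-80 has a similar problem: it is indented but has no `.. admonition:: Further Reading` directive above it, unlike the Karger and Schell entry at new lines 57-62, so it will render as a block quote. Add the directive and a blank line before the citation to match. The Morris worm paragraph also names sendmail but leaves the buffer overflow attributed only to "a then widely-used software tool"; naming the tool would keep the three examples at the same level of detail.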
|