About this Item
Time-Based Security in a Nutshell, The model for Time Based Security (TBS) originated with conversations with Bob Ayers, formerly of the Defense Information Systems Agency (DISA) over a period of years. As a result of many napkin drawings, especially in Warsaw, Poland, TBS was born. In the two years since we spent hours and days arguing over the principles, I have had the opportunity to develop TBS into a workable mathematical model for the quantification of security. I have always maintained that to offer a reasonable defense, one has to know how to attack networks. So, TBS, here we go. Defensive Products Do Not and Cannot Work. The current and prevalent method to defend networks against attack is an approach 10,000 years old based upon classic military build your defensive walls as high as you can to keep the bad guys out. This is also known as Fortress Mentality. However, it hasn't worked since the dawn of time and still doesn't; work. Consider Odysseus and the Greeks camped themselves out on the plains of Troy for nine years before they screamed, We give up! And here's a horse as a present. We all know the results. The Great Wall of China was meant to keep the marauding Mongolians at bay yet advanced technology like the catapult, battering ram, and bribery of guards won out. The Maginot Line; the Berlin none of them worked because they couldn't. This fundamental error in historical judgment, though, was what modern defensive information security was based how can we build the walls around our networks high enough to keep the bad guys out. Oops! Wrong again. They began with the false premise that they could keep the bad guys out and then compounded the error in the erroneous belief that everyone who had access to the networks was already cleared as a good guy; a pro-US gung-ho Marine-like good guy. However, this incorrect model was based on other antique computers operating in isolation there is no such thing as a network. When the Trojans let the drawbridge to their city descend to admit the horse, they were networking with the outside world. When the Germans bypassed the Maginot Line, they created a network with the French right or wrong. When people sailed over or around the Berlin Wall, a network connection was made. Thus, the principle of Fortress Mentality began to collapse as a viable defensive posture. When the security pioneers began to develop security models, they took a similar approach because the network had not yet begun to live and expand as an independent entity. And then the hackers started at us. So, based on the antiquated model of Fortress Mentality, our network defense program began. And the result? Use firewalls. Use passwords. Use Access Control Tables. But now A lot of people have made a lot of money selling both the government and the private sector tons of firewalls and other protective equipment to defend their networks. Sound like a plan, right? Well, maybe it isn't. Name one company that guarantees their product! Name one company that will provide a warranty that if you use their products, they will legally accept responsibility for any losses you suffer if their products are compromised. Never mind that some of the most popular defensive products are created by foreign government-sponsored organizations which do not release source code on how their products work.
Seller Inventory # 25397
Contact seller
Report this item
