More thoughts on deperimeterization

by Anton Chuvakin

Related link: http://www.csoonline.com/read/110105/machine.html





I did blog about the subject of "deperimeterization" as advocated by the so-called "Jericho Forum". In his paper Simson Garfinkel points out several more problems with the approach they advocate, some of which overlap with what I mentioned in my previos blog post on the subject.



Namely, why break the classic perimeter protections and build some new "secure architecture"? Its not like firewalls are not doing their job, its just that they are not doing everything you need to protect yourself. At the same time, most things in the IT real seem to evolve slowly rather than get rebuilt "right" overnight.



So, don't scrap the firewalls, just slowly head downstream with the rest of the world towards bigger adoption of "self-defending computers" (aka personal firewalls and client protection) and further towards adopting "self-defending documents" (aka what DRM might become)... But with every new layer of defenses, keep the old ones intact!



2 Comments

felipe_alfaro
2005-11-30 13:12:34
DRM
DRM is not about self-protection, but about limiting features.


DRM is just a technology used to impose restrictions on information, but information and knowledge are free. They have been free and will always be.


You can't limit what people know, what people discover or what people think. You can't stop people from taking ideas from others. It's absurd.

SwashBucklingCowboy
2005-12-01 07:21:39
Absurd?
The patent system is absurd?


LOL!



Btw, the link to the previous blog entry comes up as being restricted (i.e. it cannot be read).