Difference between revisions of "Internet Security"

From MgmtWiki
Jump to: navigation, search
(Context)
(Context)
Line 12: Line 12:
 
* There are two interfaces of interest, (1) at the user's agent, and (2) at the provider endpoint access to the internet.
 
* There are two interfaces of interest, (1) at the user's agent, and (2) at the provider endpoint access to the internet.
 
* There is one source of trust of interest: a list of trusted service providers either in the user head or in the user's agent.
 
* There is one source of trust of interest: a list of trusted service providers either in the user head or in the user's agent.
 +
* All security is inherent in the messages that are received from the swamp, so the structure and content of these messages, combined with the security of the digital devices, procedures and programs used by the real-world entities will be the entire determinate of the security of the site.
  
 
[[File:InternetSecurity.png]]
 
[[File:InternetSecurity.png]]

Revision as of 16:20, 17 September 2021

Full Title or Meme

Internet Security appears to be an oxymoron as a network of networks could not be expected to harbor any underlying security model. So what ever security is to exist will need to be layered over the internet.

Context

While the Internet may appear to be just a swamp of bad actors, as shown below, we can discuss security for two broad categories of real-world actors, the service providers and the human users. The follows graphic shows those two real-world actors, together with their digital internet manifestations and the interactions among the actors.

  1. User to user
  2. User to Trusted Service Provider
  3. Service Prover to Service Provider
  4. Bad actor attacking users
  5. Bad actors attacking service providers.
  • There are two interfaces of interest, (1) at the user's agent, and (2) at the provider endpoint access to the internet.
  • There is one source of trust of interest: a list of trusted service providers either in the user head or in the user's agent.
  • All security is inherent in the messages that are received from the swamp, so the structure and content of these messages, combined with the security of the digital devices, procedures and programs used by the real-world entities will be the entire determinate of the security of the site.

InternetSecurity.png


References