Internet Security

From MgmtWiki
Revision as of 17:32, 17 September 2021 by Tom (talk | contribs) (Problems)

Jump to: navigation, search

Full Title or Meme

Internet Security appears to be an oxymoron as a network of networks could not be expected to harbor any underlying security model. So what ever security is to exist will need to be layered over the internet.

Context

While the Internet may appear to be just a swamp of bad actors, as shown below, we can discuss security for two broad categories of real-world actors, the service providers and the human users. The follows graphic shows those two real-world actors, together with their digital internet manifestations and the interactions among the actors.

  1. User to user
  2. User to Trusted Service Provider
  3. Service Prover to Service Provider
  4. Bad actor attacking users
  5. Bad actors attacking service providers.
  • There are two interfaces of interest, (1) at the user's agent, and (2) at the provider endpoint access to the internet.
  • There is one source of trust of interest: a list of trusted service providers either in the user head or in the user's agent.
  • All security is inherent in the messages that are received from the swamp, so the structure and content of these messages, combined with the security of the digital devices, procedures and programs used by the real-world entities will be the entire determinate of the security of the site.

InternetSecurity.png


Problems

The shear volume of devices, software and procedures used at any digital endpoint makes securing the entirety of the endpoint very difficult. Attempts to focus on the protocols or data structures used in the interchanges over the internet have proved to be inadequate to the task.

As a first step this site will focus on the security of the user devices, in particular with the mobile smartphone both as a platform as the apps that work on that platform operating together as a user agent. This can be combined later in the project with any service providers that directly focus on user agent functions.

Solutions

References