of the material on this page is extracted from articles and reports available
from the CBDi Forum.
Differentiated security means subdividing the population into small
differentiated clusters. At the extreme, each individual belongs
to a different class. This makes it much more difficult to scale or replicate
attacks, since each cluster/individual has a different security profile
and there should be no common weaknesses.
Pat Helland of Microsoft has proposed the Autonomous Computing model
as an application design pattern for cooperation between independent systems
that do not trust each other. It has two key notions.
||An independent computing environment that refuses to trust any outsiders
and maintains tight control over a set of mission critical data
||A computing component that helps prepare requests to submit to a fiefdom.
It operates exclusively on published (snapshot) reference data and single-user
Helland uses the autonomous computing model to explain many of the new
types of applications including offline apps, scalable web-farms, B2B apps,
content syndication and content aggregation. (How secure are these then?)
Roger Sessions of Object Watch has combined the Autonomous
Computing model with other elements to produce an elaborate Fortress
Model of computer security. A fortress is a self-contained software
system, contains business logic (grunts) and private data (strongboxes),
and is surrounded by an unbreachable
wall. Communication with the
outside world passes through a drawbridge, and is controlled by
I have many reservations about these models. Here are three to be going
||Reliance on an absolute, binary notion of trust. Anything or anybody
inside the wall is trusted absolutely, anything or anybody outside the
wall is mistrusted.
||Reliance on simple topology. A wall creates a simple enclosed space,
a straightforward boundary between inside and outside.
||Reliance on technology. The fortress model depends on firewalls and
other security mechanisms.
Meanwhile, IBM appears to be drawn towards an entirely
different model of autonomous computing. According to Tim Macdonald
of Newsfactor Network, quoting IBM hardware strategist Irving Wladawsky-Berger,
what IBM has in mind (along with a host of other companies doing related
research) is something similar to the human immune system, capable of recognizing
foreign anomalies and sending agents to destroy them. The goal is
to survive the unpredictable.
This page last updated on January 2nd, 2003
Copyright © 2002-2003 Veryard Projects Ltd
in asssociation with