1. Technical Field
The present invention relates to data and communications networks and in particular, but not exclusively, to the security of such networks. The invention is particularly applicable to the management of security in dynamic networks.
2. Related Art
Current network security is based on the concept of fortification. Sensitive information/hardware is protected from the world outside the network by security software called a firewall that runs on a limited number of computers called gateways that provide the links between the network and other non-trusted networks and/or computers. Reaching within the protected network normally involves crossing one of these firewalls where identity controls are conducted and only legitimate access requests allowed.
This strategy is effective as long as there is no breach in the firewall and control at the gates is efficient. This security technique is well adapted to network architecture where data and communications are carried out over fixed physical wires and cables. In this kind of environment, security measures can effectively be implemented at the entry points to the network that cannot be avoided.
A drawback of this policy is that anything inside the walls is assumed to have successfully passed through a filtering procedure and is therefore implicitly trusted. So as soon as a hostile entity such as a hacker or virus has found a way to avoid all checkpoints it can access and damage anything that was supposed to be protected within the network. Such malevolent entry is often gained via an unsecured or compromised entry point commonly referred to as a back door. However, backdoors are relatively rare and/or difficult to find in well-protected systems. Therefore a hacker or virus needs to be relatively clever to be able to use them as a way of getting inside the secure network.
The efficiency of static firewalls is entirely dependent on 2 elements. The first is their ability to recognise intruders (which is why any anti-virus software has to be kept up-to-date). The second is the topological stability of the network they protect. In other words they are implemented where they are needed i.e. at interfaces with other networks and computers.
Network architecture, which is assumed to be fairly stable in the long term. In other words, the security manager knows where communications from the outside world will come from, and can use this information to prepare the network defences. As a result, computers behind the firewall can run only normal anti-virus software and still be reasonably safe, because serious, deliberate attacks are dealt with by the gateways.
However, emerging technologies such as peer-to-peer architecture and ad hoc communication networks mean that the concept of a static gateway is no longer applicable. For example, switching a mobile, wireless access point on or off at any time and place, and by doing so to join/leave a network of freely interacting devices means that the network topology is unstable.
The security systems for dynamic networks need to be able to cope with the threat of unknown viruses and inventive probing strategies as well as with dynamic topology. In the absence of adaptive defence mechanisms, these networks are vulnerable to new, yet undetectable forms of aggression, but also to attacks emanating from known malevolent entities, due to unexpected exposure of unprotected devices.
In a dynamic network, a node that is at one point safely located far behind the firewall can suddenly become directly exposed due to physical displacements or topological changes. An example of the first case might be a person walking out of office while talking on a mobile phone, and switching from “voice over IP” (presumably using a secure base station protected by the corporate firewall) to the normal cellular phone network. The second situation (topological change) could involve a fixed server that starts acting as the primary access point for external customers after one of its counterpart (normally in charge of automated online support) has failed. In both cases, a device that was once safely behind the firewall without any protection of its own suddenly needs to raise a firewall in order to keep safe and avoid becoming a backdoor.