Improving network security through the use of Host Rings
Geoff Halprin, 2005

Much work has been done in recent years on Internet Firewall technology. This technology creates a "choke point" through which all traffic must pass between (typically) the Internet and the internal network. This technology is equally useful wherever a clear separation can be made between any two networks where one does not trust the other. This is extremely valuable technology in the fight to control the security of a network. The basic assumption that this technology makes, however, is that everybody on the outside is bad and everybody on the inside is good.

In order to bring better control and security to an internal network, another security model is required. This model needs to recognise that physical and logical security attributes, and the separation of functions, as is commonplace with good client-server network design, can contribute to identifying where and what type of trust should exist between hosts. Experience has shown that the current client-server computing environment closely matches the environment of traditional time-sharing hosts, and we should be able to draw on work performed for host security, and adapt this to network security.

The model for network security developed in this paper is called "Host Rings," or "Rings of Trust." It is similar in notion to the Multics concepts of execution domains and protection rings. Applying these techniques using the commonplace public domain tools of tcpd, ssh and rdist can provide us with a formal security model providing many distinct advantages over the intricate and inherently untrustworthy web-of-trust so common at present. This paper describes the host rings model, how it can be implemented, the advantages of this model, and experiences with implementing it at various sites.
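As an added illustration (not code from Halprin's paper or slides), the following Python script turns a constructed ring assignment into tcpd hosts.allow and hosts.deny rules. It assumes, after the Multics convention, that ring 0 is the most trusted and that a host accepts connections only from hosts in its own ring or a more trusted (lower-numbered) one; the host names, addresses and ring numbers are constructed for the example.

```python
# Added example: derive TCP-wrappers (tcpd) access rules from a "rings of trust"
# host assignment. Assumption (not from the paper): ring 0 is the most trusted,
# and a host accepts connections only from its own ring or a lower-numbered one,
# so trust flows from the inner rings outward, never from the outside in.

# Constructed inventory: host name -> (IP address, ring number)
HOSTS = {
    "mgmt1": ("10.0.0.10", 0),   # ring 0: management host / rdist master
    "db1":   ("10.0.1.20", 1),   # ring 1: database servers
    "app1":  ("10.0.2.30", 2),   # ring 2: application servers
    "app2":  ("10.0.2.31", 2),
    "ws17":  ("10.0.3.40", 3),   # ring 3: workstations
}

SERVICES = ("sshd",)  # tcpd-protected daemons for which rules are generated


def allowed(src: str, dst: str) -> bool:
    """src may connect to dst only if src's ring is at least as trusted
    (same or lower ring number) as dst's ring."""
    return HOSTS[src][1] <= HOSTS[dst][1]


def hosts_allow_rules(dst: str) -> list[str]:
    """hosts.allow lines for the daemons on `dst`: one 'daemon : clients'
    line per service listing every host permitted under the ring policy.
    A host with no permitted peers (the innermost ring) gets no allow line,
    so the default deny below leaves it reachable only from its console."""
    permitted = sorted(HOSTS[h][0] for h in HOSTS if h != dst and allowed(h, dst))
    if not permitted:
        return []
    return [f"{svc} : {' '.join(permitted)}" for svc in SERVICES]


def hosts_deny_rule() -> str:
    """Default-deny everything not explicitly listed in hosts.allow."""
    return "ALL : ALL"


if __name__ == "__main__":
    for host, (_, ring) in HOSTS.items():
        print(f"# /etc/hosts.allow on {host} (ring {ring})")
        print("\n".join(hosts_allow_rules(host)) or "# (no remote access)")
        print(f"# /etc/hosts.deny on {host}\n{hosts_deny_rule()}\n")
```

The generated files are the per-host enforcement point; the ring table itself is the one artefact that would be pushed to every host with rdist from the ring-0 master.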
Presentation slides
About Geoff Halprin
Geoff Halprin is the President of The System Administrators Guild (http://www.sage.org), a Board Member of The USENIX Association (http://www.usenix.org) and Principal Consultant for his own company, The SysAdmin Group (http://www.sysadmin.com.au). We are most privileged to have him speak at SecureCON.