Last week at the the IFIP/IEEE International Symposium on Integrated Network Management I gave a keynote talk on how we might improve the reliability and availability of the net - (See my Blog entry of March 25, 2003.) One of the points that I made was that as the net moves towards being a utility, there must be a significant improvement in the the availability of usable net services and a similar reduction in the time to repair such failures that do occur.
Unfortunately I have had experiences learning what happens when networks crumble whether by human or natural causes. The job of putting things back together is chaotic and ad hoc. Security measures are, at best, a troublesome nuisance and, at worst, an obstacle preventing recovery.
A couple of days after my presentation, during a discussion on Secure BGP by Steve Kent, it occurred to me that I don't have a good mental metric how to evaluate the tradeoff between network security and network recoverability.
If we think of the internet as a utility, the social value of the net is not necessarily maximized by high security. High availability (which implies speedy recovery from those failures that occur) may be of equal, or even greater importance than security.
This raises a question - To what extent is internet security in conflict with internet recoverability? How can we minimize this conflict? And how do we strike the right balance?Posted by karl at April 3, 2003 12:35 AM