[LINK] Milnet rides again
Tom Worthington
tom.worthington at tomw.net.au
Mon Oct 24 09:05:27 AEDT 2011
On 23/10/11 09:14, Roger Clarke wrote:
> [The dullards in the US military have discovered that connecting
> important equipment to the open, public Internet is a bad idea. They
> even think they've invented a new idea - that dedicated networks and
> air-gaps contribute to security.]
>
> FBI Official Calls for Secure, Alternate Internet ... October 21,
> 2011 Associated Press|by Lolita C. Baldor ... Military.com News
> http://www.military.com/news/article/fbi-official-calls-for-secure-alternate-internet.html?ESRC=dod.nl
The FBI is not part of the US military, it is a civilian police force
similar to the Australian Federal Police.
The US DoD is aware of the concept of separate networks, having set up
separate IP networks some years ago:
1. Secret Internet Protocol Router Network (SIPRNet):
http://en.wikipedia.org/wiki/SIPRNet
2. Non-secure Internet Protocol Router Network (NIPRNet):
http://en.wikipedia.org/wiki/NIPRNet
What the FBI official is suggesting is that civilian industry adopt an
similar approach, with separate networks for sensitive control
functions, such as for power grids. In my view that would not be
feasible, but might be a useful way to explain to industry executives
that additional security measures are needed. A physical "air gap" could
not be used for all but the most sensitive applications. Instead
configuration of the network equipment and encryption would be used to
keep the data partitioned. As well as the technical infrastructure,
training of the personnel would be required, to make sure they
understood what they could do on which system.
ps: Just to make the point that an air gap does not stop data access, I
connected to ADFA in Canberra from the flag ship of the US 7th Fleet in
the Coral Sea in 1997: http://www.tomw.net.au/nt/tt97.html ;-)
--
Tom Worthington FACS CP, TomW Communications Pty Ltd. t: 0419496150
PO Box 13, Belconnen ACT 2617, Australia http://www.tomw.net.au
Liability limited by a scheme approved under Professional Standards
Legislation
Adjunct Senior Lecturer, Research School of Computer Science,
Australian National University http://cs.anu.edu.au/courses/COMP7310/
More information about the Link
mailing list