
Critical infrastructure protection in homeland security: Defending a networked nation

In this excerpt about critical infrastructure protection, author Ted G. Lewis poses a key security question: What should be protected and how?

Critical infrastructure protection: Secure the hubs, not the spokes 


This principle is a direct consequence of the first principle. Critical infrastructure sectors are organized as networks with hubs. The hubs are the critical nodes, so the next step in infrastructure protection is to protect the hubs. Given limited resources and the fact that most sectors are extremely large, we cannot afford to protect everything, so we opt to protect only the critical nodes.

For example, the Internet is known to contain approximately 250 million servers; all are important, but only a few are critical. The current strategy of protecting each and every server is not effective and is very expensive. Information technology managers are spending far too much time and money on cyber-security, anti-viral software, and restrictive operating procedures.

An asymmetric alternative or counter-strategy to the current approach is to protect the hubs of the Internet. These are the servers with the largest connectivity to the Internet. In fact, the Internet is highly clustered around fewer than 250 servers—the top 250 hubs. What happens to cyber-security when these 250 or so servers are hardened against computer worms and viruses? They stop spreading, and eventually the malicious worm or virus dies out. 

By securing the hub servers of the Internet, we protect all servers. This surprising result is actually intuitive if you think asymmetrically about it. Consider this: Most traffic, and thereby most worms and viruses, are propagated by the most active servers, the hubs. If these "promiscuous" servers are protected, they cannot spread worms and viruses, and if they stop the spread of malicious software, nearly all propagation halts. This is intuitively obvious, but it will be demonstrated in a rigorous manner in Chapter 13.
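An added illustration of this argument (not from Lewis's book or the original article): a small simulation on a synthetic hub-and-spoke network that compares how far a worm spreads when 5% of nodes are hardened at random versus when the 5% best-connected hubs are hardened. The network model, its size, the infection probability and all function names are assumptions chosen for the example.

```python
import random

def build_network(n, m, rng):
    """Preferential attachment: each new node links to m existing, well-connected nodes."""
    adj = {v: set() for v in range(n)}
    ends = []  # one entry per edge endpoint, so sampling it is biased toward hubs
    def link(v, w):
        adj[v].add(w)
        adj[w].add(v)
        ends.extend((v, w))
    for v in range(m + 1):              # small fully connected starting core
        for w in range(v):
            link(v, w)
    for v in range(m + 1, n):
        targets = set()
        while len(targets) < m:
            targets.add(rng.choice(ends))
        for w in sorted(targets):
            link(v, w)
    return adj

def mean_outbreak(adj, hardened, p, seeds, trials, rng):
    """Mean infected count; hardened nodes are never infected and never forward."""
    open_nodes = sorted(set(adj) - hardened)
    total = 0
    for _ in range(trials):
        infected = set(rng.sample(open_nodes, seeds))
        frontier = sorted(infected)
        while frontier:
            v = frontier.pop()
            for w in sorted(adj[v]):    # one infection attempt per neighbour
                if w not in infected and w not in hardened and rng.random() < p:
                    infected.add(w)
                    frontier.append(w)
        total += len(infected)
    return total / trials

def compare(n=2000, m=2, frac=0.05, p=0.3, seeds=5, trials=20, seed=1):
    rng = random.Random(seed)           # fixed seed: constructed, repeatable input
    adj = build_network(n, m, rng)
    k = int(n * frac)
    hubs = set(sorted(adj, key=lambda v: len(adj[v]), reverse=True)[:k])
    rand = set(rng.sample(sorted(adj), k))
    return {name: mean_outbreak(adj, h, p, seeds, trials, rng)
            for name, h in (("none", set()), ("random", rand), ("hubs", hubs))}

if __name__ == "__main__":
    print(compare())
```

With the same hardening budget, the mean outbreak size under hub hardening can be compared directly with the random and unhardened cases in the returned dictionary.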

The critical node strategy can also be turned into network warfare by using hubs to purposely spread "killer-virus" software. This software behaves just like a worm or virus, but instead of damaging other computer systems and destroying important information, a "killer-virus" destroys all other viruses. In other words, network hubs can be used as an offensive weapon. In the case of the Internet, we can release killer-viruses "into the wild" and let them hunt down and kill the malicious viruses. The most effective way to do this is to launch them from hubs. Therefore, critical nodes in the telecommunications and information sector can be used for good or evil. Why not use the network structure of most critical infrastructure sectors to launch a counter-attack?

This was last published in May 2006
