
On the Security of Closed Networks

2025-02-28 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/01 Report--

In the past two days, the Heartbleed vulnerability has set off an uproar on the Internet. As a major vulnerability in basic security software, it has a far-reaching impact. The major Internet companies, Party A, Party B, white hats and even CCTV have all sprung into action, testing, patching, upgrading, reporting and publicizing. Everyone has been very busy, and the majority of netizens have been given a good lesson in information security.

Compared with the hubbub over Internet security, physically isolated enterprise, government and other closed networks seem quiet. Only a handful of people there are concerned about and understand the vulnerability, and the actions taken are surely not as enthusiastic as those on the Internet. Because the network is closed, there is no apparent threat of chaos and no pressure from skilled black-hat and white-hat testing, so closed-network managers surely lack the incentive to stay up late and close the vulnerability at the first opportunity. And this is by no means the first time this has happened.

Unlike the open Internet, a physically isolated closed network does not have so many users, so many applications, or pesky black and white hats. However, this does not mean that a closed network can rest easy. OpenSSL, as a basic security library, is likely to be widely used in operating systems, web applications, remote configuration of devices, and even application security gateways. Because closed networks lack testing in broad daylight and co-evolution with people, their security vulnerabilities are surely even worse than those in open networks.

Therefore, the security of a closed network needs a controllable "evil" force to test its internal security. Just as cats and mice co-evolve, the protection of a closed network cannot do without "natural enemies". At the very least, a closed network should fix the vulnerabilities that have already been disclosed; this is the bottom line of closed-network security. Unfortunately, in reality some closed networks may not even meet this bottom line, yet they insist on pursuing so-called "autonomous control", not realizing that private designs that lack review and testing are even less trustworthy.

In addition to patching, plugging vulnerabilities and upgrading the signature database as soon as a threat appears, closed-network security should also pay attention to whitelist-based controls, such as authentication and authorization of users, access control of terminals, and distribution management of applications. Whatever is not white is black, and anything not explicitly allowed is prohibited by default. This approach is already common in many closed networks. However, two big problems remain. The first is whitelist management. Whitelists of terminals and users can still be handled; the hard part is applications. Applications on a modern operating system are numerous, and once a closed network and its user base grow beyond a certain scale, application whitelisting becomes almost impossible to implement. This is not a technical problem but a difficult balance between security and business availability. The second, and harder, problem is judging the whitelist itself. What is white? Are legitimate users, legitimate terminals, and legitimate applications really trustworthy? The key here is continuous detection of anomalies, such as insider misconduct and legitimate terminals and applications that carry 0-days. Especially in the context of APT, high-value closed networks are almost impossible to avoid * *, which requires accurate analysis of all kinds of information obtained in closed networks. DARPA's Active Authentication program continuously authenticates users according to their behavior on the internal network, such as keystroke patterns, software operation habits, and even reactions to anomalies, and is even expected to replace CAC authentication cards and passwords. This should be the development direction of closed-network security.
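The kind of continuous, behavior-based check described above can be sketched as follows. This is an added example, not code from the original article and not DARPA's method; the digraph-latency feature, the z-score threshold, the function names and all sample values are assumptions constructed for illustration.

```python
from statistics import mean, stdev

# Constructed enrollment data: (digraph, latency in ms between the two keys).
ENROLLMENT = [
    ("th", 110), ("th", 120), ("th", 115), ("th", 105),
    ("he", 90), ("he", 95), ("he", 100), ("he", 85),
    ("in", 130), ("in", 140), ("in", 135), ("in", 125),
    ("er", 100), ("er", 105), ("er", 95), ("er", 110),
]
# Constructed session: the first four events resemble the enrolled user,
# the last four have a very different rhythm (someone else at the keyboard).
SESSION = [
    ("th", 112), ("he", 95), ("in", 130), ("er", 100),
    ("th", 190), ("he", 170), ("in", 60), ("er", 200),
]

def enroll(samples, min_std=5.0):
    """Build {digraph: (mean_ms, std_ms)}; digraphs seen only once are skipped."""
    by_digraph = {}
    for digraph, ms in samples:
        by_digraph.setdefault(digraph, []).append(ms)
    # Floor the deviation so a very regular typist does not trigger on noise.
    return {d: (mean(v), max(stdev(v), min_std))
            for d, v in by_digraph.items() if len(v) >= 2}

def window_score(profile, window):
    """Mean absolute z-score of a window against the profile, or None if no
    digraph in the window was seen during enrollment."""
    zs = [abs(ms - profile[d][0]) / profile[d][1]
          for d, ms in window if d in profile]
    return mean(zs) if zs else None

def monitor(profile, events, size=4, threshold=3.0):
    """Score consecutive windows of the session. A high score does not end the
    session by itself; it asks for step-up authentication."""
    results = []
    for start in range(0, len(events) - size + 1, size):
        score = window_score(profile, events[start:start + size])
        if score is None:
            decision = "insufficient-data"
        else:
            decision = "step-up" if score > threshold else "ok"
        results.append((start, score, decision))
    return results

if __name__ == "__main__":
    for row in monitor(enroll(ENROLLMENT), SESSION):
        print(row)
```
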

Finally, because vulnerabilities always objectively exist, a closed network, as a high-value target, can hardly be foolproof. Instead, we should borrow design ideas from reliability and aim for the availability of key business after suffering * *. MITRE calls this design idea resilience in cyberspace, or Cyber Resiliency. Redundancy, jump, segmentation of key systems, sandboxing, redirection of * *, and non-continuous service provision are all specific resiliency mechanisms. Research in this area will be covered next time.
