SDSC searches for security
- By Brian Robinson
- Dec 09, 2001
Everyone recognizes the importance of security. In pushing for e-commerce, though, organizations sometimes end up making questionable trade-offs between supporting transactions and securing the network. That's something the San Diego Supercomputer Center (SDSC) hopes to fix.
The problem arises from the fact that the Unix "syslog" network protocol, which has traditionally been used to log messages between computers, taxes the network. Administrators have routinely turned off their system logging so that networks could keep up with the amount of traffic they were carrying. If they kept logging turned on, the networks began to lose huge chunks of data because the logging couldn't keep up.
But when that happens, said Tom Perrine, SDSC's manager of security technology, one loses the kind of historical perspective vital to designing good network security. Also, the lack of data integrity allows network attackers to inject false data into the system log.
"You certainly can run a network without the log, but security and per.formance suffer over the long run because people don't have the ability to go back and look at where problems have occurred," he said.
The Next Generation Internet will only exacerbate this with its order-of-magnitude increases in network data rates, he said. The resulting increase in transactions per second — the lifeblood of e-commerce — will be enormous, and the current syslog protocol will be overwhelmed.
To counter that, SDSC (www.sdsc.edu) will develop the first technology based on the draft Internet Engineering Task Force standard for a high-performance syslog protocol, something SDSC officials hope will help speed its adoption by industry, including "high-leverage" groups such as software developers.
"Because transactions per second for e-commerce people is almost as important as time-to-market is for other vendors, system logging has become an accepted trade-off," Perrine said. "What we are trying to get over to people is that you really can't do without it and certainly won't be able to with the NGI, when users will expect the highest levels of security and performance."
Developing the protocol has been on the SDSC's to-do list for some time, Perrine said, but tight budgets have meant the focus has had to be on other things. The CommerceNet grant changes that.
Perrine expects a beta version of the syslog protocol to be out in mid-2002 and the final version some three months after that.
Brian Robinson is a freelance writer based in Portland, Ore.