SDSC searches for security

Everyone recognizes the importance of security. In pushing for e-commerce, though, organizations sometimes end up making questionable trade-offs between supporting transactions and securing the network. That's something the San Diego Supercomputer Center (SDSC) hopes to fix.

The problem arises from the fact that the Unix "syslog" network protocol, which has traditionally been used to log messages between computers, taxes the network. Administrators have routinely turned off their system logging so that networks could keep up with the amount of traffic they were carrying. If they kept logging turned on, the networks began to lose huge chunks of data because the logging couldn't keep up.

But when that happens, said Tom Perrine, SDSC's manager of security technology, one loses the kind of historical perspective vital to designing good network security. Also, the lack of data integrity allows network attackers to inject false data into the system log.

"You certainly can run a network without the log, but security and per.formance suffer over the long run because people don't have the ability to go back and look at where problems have occurred," he said.

The Next Generation Internet will only exacerbate this with its order-of-magnitude increases in network data rates, he said. The resulting increase in transactions per second — the lifeblood of e-commerce — will be enormous, and the current syslog protocol will be overwhelmed.

To counter that, SDSC (www.sdsc.edu) will develop the first technology based on the draft Internet Engineering Task Force standard for a high-performance syslog protocol, something SDSC officials hope will help speed its adoption by industry, including "high-leverage" groups such as software developers.

"Because transactions per second for e-commerce people is almost as important as time-to-market is for other vendors, system logging has become an accepted trade-off," Perrine said. "What we are trying to get over to people is that you really can't do without it and certainly won't be able to with the NGI, when users will expect the highest levels of security and performance."

Developing the protocol has been on the SDSC's to-do list for some time, Perrine said, but tight budgets have meant the focus has had to be on other things. The CommerceNet grant changes that.

Perrine expects a beta version of the syslog protocol to be out in mid-2002 and the final version some three months after that.

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.
