Network Security History. The history of network security is a difficult subject to study. No one person or group can claim personal credit for inventing network security. The studies of network security history and development are mostly a study of the evolution of ideas. From the earliest days of computers to the present.
What is the significance of this study?
To understand the significance of this study, it is necessary to look at it in two parts:
1) the impact of these ideas on the field of computing, 2) their impact on network security.
Early Computing history
A good look at the early computing history will show that they did some very strange things. In order to keep these early computers running. This was done mainly because no one knew what made computers crash or how to stop them from crashing. The people responsible for designing and implementing computer security were essentially people who were trying to make sure that nothing bad happened when something bad did happen.
Their primary concern was not with stopping attacks but keeping systems running when attacks did occur. They learned through trial and error. And by studying what others had done before them (which they could observe in action). These people had to be proactive; they had to think about what might happen and then try to prevent it. And not just reactively react after an attack occurred.
This type of thinking is very different from that performed by today’s network security engineers. Especially, who are largely reactive in their approach. Today’s engineers develop responses after an attack occurs, but in those days there was no time for such careful thought; they had to anticipate problems as best they could give their knowledge and experience.
A different type of thinking
In order to understand this type of thinking, we must digress somewhat from our subject area. And look at how they designed computers and built them back then. But still within the context of making sure that nothing bad happened when something bad did happen. A good example is found in a book written by David Crenshaw [Crenshaw]. In his book, he describes a computer program written by a group at MIT that was used for nuclear research during World War II.
This program ran on a computer called Whirlwind (don’t you wish you were around back then?). It was designed for controlling aircraft black boxes (today’s term for a flight data recorder). The program would be run first on a simulator and then on the actual machine (Whirlwind). If everything worked correctly with no errors, then the program would be checked out on a simulator, and then run on the actual machine. If it worked correctly on the actual machine, then they could be assured that it would work on a real aircraft.
Divide and conquer programming
Even today it is not possible to test every possible situation that could happen on an aircraft in a simulator. Aside from the cost issues, there are other problems such as simulating real-world environmental conditions (e.g., turbulence). To deal with this problem back then, the program was written in 20 or so parts. These parts were tested separately and if all of them worked correctly, then they were combined into one program.
If that program worked correctly, then they were assured that the complete system would work correctly when run together. This was called “divide and conquer” programming, and it was used very widely in those days because there was no way to test everything without some sort of “divide and conquer” methodology. This same methodology is still used today; however, it is more refined because we have better testing tools than we did back then.
However, there are still some things that are hard to test completely in a simulator or in a lab, such as how will a system weather an attack from someone who knows how to bypass security controls? It is very difficult to simulate such behavior in a lab environment. Thus, network security engineers still use “divide and conquer” programming methods today. However, because of their lack of foresight and planning for worst-case scenarios over the years, the result has been that many systems have been designed and built (and are still being designed and built) without any consideration for worst-case scenarios.
One design flaw after another
This has led to one design flaw after another resulting in systems that are not secure from attack by people who know how to attack computer systems (referred to as crackers). That is what this study is about: looking at what has been done over time with network security and where we are now with respect to network security problems resulting from this lack of planning for worst-case scenarios during the design process.