Network Skeleton Security® Strategy:
Core First, Build Up!
Consultation, Design, Tool-Box
Public-facing networks are vulnerable to smart protocol-busters, and must first ensure a robust skeleton: a core network element.
The unique feature of the Network Skeleton Security® Strategy (NS3) is its recognition of surface vulnerability. A network that interacts with a large array of clients, where private databases are accessed countless times a second, is protected by at most a best-practice protocol, which is inherently vulnerable to an attacker who identifies cracks in the protocol (zero-day faults). The most celebrated and most tested networks in the world have been compromised by attackers who spotted a penetration scenario that the protocol designers had not suspected. The standard response is a patch matched to the fault. This strategy keeps the security of the system one step behind its violator. A good network security analysis would recognize this inherent vulnerability and devise a responsive strategy. The Skeleton is such a strategy.
The guiding principles of the Network Skeleton Security® Strategy (NS3) are:
1. Establish a secure core -- a skeleton for the network.
2. Focus on ensuring the security of the core even when the rest of the network has been compromised.
3. Rebuild the broken-into network on the basis of the uncompromised core.
The NS3 complements any surface strategy designed to prevent system penetration on the 'surface'. It is a 'just-in-case' strategy. Before we offer tools and devices, we stress the Skeleton® mindset: the idea that 'there is life after a system penetration', and the notion that a robust recovery plan will allow a less burdensome surface security practice and enable effective mitigation and a quick bounce-back after a system penetration.
We combine the Skeleton Security® strategy with the off-line core data preservation strategy, where critical data is kept ideally off the digital boundary, but at least out of the reach of online hackers. Such off-line base data, combined with a Skeleton whose integrity is uninterrupted, will effect a quick system recovery.
Before a Skeleton Security® strategy can be implemented, it is necessary to analyze the damage from a system penetration and devise a comeback plan to mitigate this damage by relying on the wholesomeness of the Skeleton, which was pre-designed to withstand a penetration attack.
As to the Skeleton® tools, the most important of them is the hardware secure subnet: a subnet (the Skeleton network) of computing centers that accepts only data flow that was decrypted by a physically secure Data Access Box (DAB). Thus only data that was previously encrypted by a matching DAB can inject any meaningful message into a Skeleton computer. A set of such computers that accept only decrypted information will form the Skeleton®. The data it holds will be used to rebuild the surrounding network, for which the secure network serves as a skeleton.
The practice and the tools are covered by BitMint know-how and by a series of BitMint patents (6,823,068 * 8,229,859 * 9,471,906 * 10,395,053 * 10,445,730 * 10,467,522 * 10,523,542 * 10,541,808 * 10,541,954 * 10,594,480 * 10,608,814).
P.O.Box 1022, McLean, VA 22101, USA