Extending Full Spectrum Dominance to Cyberspace
All security is based on assumptions and all modern security solutions make the assumption that the network is insecure and then search for vulnerabilities. That search can be in the form of firewalls scanning each packet that enters the network, signature-based malware detection schemes, of using sandboxes (or multi-vector virtual execution) to run code inside a protected environment.
These are very sophisticated technologies but they all suffer from one fundamental problem: they can’t guarantee that they are working. They might work but then again they might not and it only takes one successful breach to have your most critical IP compromised. Users of these technologies have to rely on trust, and trust without verification is a failed and failing strategy.
KSI makes a different assumption: That the state of a network can be independently verified with mathematical certainty. The key word is “independently”. It means that the configuration of every switch and router, the state of every event log and data item in data stores can be verified without the need for trusted administrators or in the procedures that define the security of the network.
The implication is that if you can guarantee the state of your network then any unauthorized change in the state of that network represents an attack, the impact of which can be mitigated. This is a fundamentally different assumption: that security can be guaranteed with attribution for any attack.
Consider an analogy in the physical world, securing a country from terrorism. Firewalls are the TSA doing metal detection scans on passengers entering and leaving the country. They catch only the most dim-witted of attackers who bring bombs in their suitcases. Sandboxing involves opening every passenger‘s bags, searching inside and testing the content. They might work, but there is no way to verify that they do, and both technologies are useless against sophisticated attackers that originate on the inside.
Contrast that with KSI; the equivalent of Tag, Track and Locate for every individual asset in the country and automated action taken when that asset is out of “compliance”. Before you can dominate you must have awareness of your domain and attribution for activities in that domain. KSI is the technology which can provide domain awareness and attribution at the scale needed for modern networks, enabling the extension of full spectrum dominance to cyberspace and the guaranteed security of networked digital assets, both military and commercial.
It is a historical fact that security was an after-thought for the Internet and that is why modern security solutions all use the same base assumption. Different assumptions however lead to different conclusions and the inevitable conclusion of the widespread deployment of KSI and Attributed Networks, delivered as a service to world governments and global corporations via their telecommunication partners will be complete accountability and transparency, re-establishing trust in global business and simultaneously solving a three trillion dollar cyber-security problem for global society.
More details at the conference webpage.