Introduction

jtruitt@dw3f.ess.harris.com
Thu, 04 Aug 94 08:26:07 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Justin Lister: "For those that have just joined"
Previous message: Justin Lister: "Just to get things rolling"

Hi,

	My name is Jim Truitt. I am a Staff Engineer working for Harris
Information Systems Division in Melbourne, Florida, USA.

	I first got into security about three years ago. It was at that
time that I first became aware of intrusion detection (ID) technology.

	ID seemed to be the next logical step in the evolution of
computer/network security.

	First computer systems were isolated (i.e. not networked) and
everyone could do everything. It quickly became obvious that you
couldn't (shouldn't) allow everybody to do everything. So the next step
was to allow certain people do certain things. To accomplish this
identification and authentication (I&A) techniques were developed and
coupled with access control (DAC, MAC) techniques to determine what
things an individual user could do.

	This was better, but certain people could still do certain
things to abuse the system. So the next step was accountability. To
address this issue auditing systems (AUD) were devised to record all
activities of all users on the system. System administrators were
quickly overwhelmed by reams of audit data, to the extent that the data
became useless (i.e. to much to process). This issue was addressed by
the development of audit data reduction and analysis tools.

	So now I just about have control of my isolated system, but my
users need access to the outside world. Let's attach our once isolated
system to a network to the outside world. My internal users can now
reach outside their system, but external users can also get in. I
counter this with a firewall, but in the back of mind I have these
nagging concerns that an outsider might defeat the firewall or an
insider might do something harmful to the system (intentionally or
unintentionally). I will counter this with monitoring and scanning software.

	Take all of this and combine it into an integrated package and
I think you have arrived at ID.

	The chronology may not be exact, but the point is that the time
is right and the need is there for ID capabilities (and products).

Jim Truitt

	

-------------------------------------------------------------------------------
| NAME	:JAMES O. TRUITT (JIM)		| HARRIS CORPORATION	| INFORMATION |
| PHONE	:1-407-984-5791			| P. O. BOX 98000	|   SYSTEMS   |
| FAX	:1-407-984-6323			| MELBOURNE, FL 32902	|  DIVISION   |
| EMAIL	:JTRUITT@HARRIS.COM		| MS W2/7742		|             |
-------------------------------------------------------------------------------

Next message: Justin Lister: "For those that have just joined"
Previous message: Justin Lister: "Just to get things rolling"