Connected: An Internet Encyclopedia
Security Considerations

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1812
Prev: E.3.4 The Integrated IS-IS Algorithm
Next: APPENDIX F: HISTORICAL ROUTING PROTOCOLS

Security Considerations

Security Considerations

Although the focus of this document is interoperability rather than security, there are obviously many sections of this document that have some ramifications on network security.

Security means different things to different people. Security from a router's point of view is anything that helps to keep its own networks operational and in addition helps to keep the Internet as a whole healthy. For the purposes of this document, the security services we are concerned with are denial of service, integrity, and authentication as it applies to the first two. Privacy as a security service is important, but only peripherally a concern of a router - at least as of the date of this document.

In several places in this document there are sections entitled ... Security Considerations. These sections discuss specific considerations that apply to the general topic under discussion.

Rarely does this document say do this and your router/network will be secure. More likely, it says this is a good idea and if you do it, it *may* improve the security of the Internet and your local system in general.

Unfortunately, this is the state-of-the-art AT THIS TIME. Few if any of the network protocols a router is concerned with have reasonable, built-in security features. Industry and the protocol designers have been and are continuing to struggle with these issues. There is progress, but only small baby steps such as the peer-to-peer authentication available in the BGP and OSPF routing protocols.

In particular, this document notes the current research into developing and enhancing network security. Specific areas of research, development, and engineering that are underway as of this writing (December 1993) are in IP Security, SNMP Security, and common authentication technologies.

Notwithstanding all the above, there are things both vendors and users can do to improve the security of their router. Vendors should get a copy of Trusted Computer System Interpretation [INTRO:8]. Even if a vendor decides not to submit their device for formal verification under these guidelines, the publication provides excellent guidance on general security design and practices for computing devices.


Next: APPENDIX F: HISTORICAL ROUTING PROTOCOLS

Connected: An Internet Encyclopedia
Security Considerations