Security Posture for Civilian and Non-civilian Networks

摘要

Network security is dependent upon securing individual components, services, and applications. This is done through the prevention, detection, and correction of threats and attacks that exploit vulnerabilities in the network. Network security must be analyzed using various factors, such as security requirements, the inherent strengths and vulnerabilities of different network technologies, and the processes used to design, deploy, and operate networks. The Bell Laboratories security model provides the framework required to plan, design, and assess the end-to-end security of networks. In this paper, the Bell Labs security model is used to (1) define the basic security needs of civilian and non-civilian networks, (2) examine the security capabilities of various technologies and identify their security strengths and gaps, (3) identify key threat-mitigation strategies for civilian and non-civilian networks, and (4) illustrate the value of a comprehensive framework (e.g., the Bell Labs model) in any security program, whether designed for a civilian or a non-civilian network.