Tip

Security efforts for data in motion should be put to rest

Dr. Geoff Barrall
CTO,

    Requires Free Membership to View

BlueArc Corporation
Dr. Barrall is the CTO, executive vice president and co-founder of BlueArc Corporation and the principal architect of its core technology, the SiliconServer Architecture. Prior to joining BlueArc, Dr. Barrall founded four other ventures, including one of the first Fast Ethernet companies and a successful UK consultancy business. In this role, he was involved in the introduction of innovative networking products into UK markets including the Packeteer and NetScout. Dr. Barrall received his PhD in Cybernetics from the University of Reading in 1993.

Everybody knows that it is easier to hit a stationary target than a fast-moving target. Yet an enormous amount of resources are being used to encrypt data in motion, while any smart hacker (in its negative context of somebody trying to obtain data not intended for them) can tell you that data at rest is that much easier to decode and transmit to a second location.

While everybody has learned that the Internet has massively enabled hacking in regards to corporate data, the actual risks are still largely unknown and efforts seem to be targeted in the wrong places -- with complex and costly (in terms of CPU load) encryption schemes that serve little purpose.

For example, just the other day, I was watching a popular technology show on cable television that explained how Ethernet broadcasts all communications between two computers to all of the nearby computers, thus allowing a hacker with a sniffer (a piece of software that captures network traffic) to see other users' data.

While this was true in the old shared loop days, prior to 1994, in most small, medium and large enterprises today, data is almost always transferred on switched networks, with Ethernet switches retailing for less than $100, and thus is transferred from point to point -- with no visibility of that data by other network-attached devices. This fact alone prevents almost all sniffer-based hacking attempts from outside the corporate data center (and let's face it -- if the hacker is actually physically in the data center itself, you have a very serious and very different problem). The only way to circumvent this would be for the hacker to load their sniffer program onto the actual server itself, but even in this scenario, there would be much simpler ways to access the data directly.

Given this fact, the enormous amount of resources put into encrypting data in flight, traveling over the network, seems disproportionate. For example, iSCSI incorporates IPSec security, which can encrypt data as it is transferred between two devices, preventing a hacker with a sniffer from seeing the contents of that data -- nevermind that the hacker would first be lucky to get access to the data being routed from point to point, but they also would have to know ahead of time which packets to capture and decrypt from the thousands of packets per second traveling over a particular network segment.

For a long time, this danger was perceived as so great that IPSec was almost mandatory for iSCSI traffic, this requirement being removed just prior to the standard's ratification, when the extreme cost to implement any reasonable data rate was fully realized.

Rather than trying to decode thousands of network packets from many different sources, it is a much easier course for the hacker to get to the data where it is resting in a easy-to-read format on the edge device such as a server. Hacking a standard server is much simpler to do. Locating the data and uploading it to a secondary location is much simpler than trying to decode network traffic packet by packet. Given this, the lack of focus on encrypting data while at rest is surprising.

In fact, California has recently passed legislation to force companies to encrypt certain types of data, such as credit card numbers, social security numbers, etc. However, even encryption on disk is only going to prevent the data from being read if somebody were to steal the hard disk, an unlikely event. A clever hacker with a hijacked user account can still log onto the server and read the data as the file system will decrypt the data as it is read from disk and transfer it in its decoded state.

With all the attention being paid to encryption of data in motion, we need new software that introduces keys on both workstations and servers to ensure only trusted users can access the data from trusted workstations. This would raise the security bar and foil remote hacking attempts. In the majority of cases, a continued stream of additional encryption schemes are unlikely to help.


Copyright 2003, Blue Arc Corporation.

This was first published in May 2003

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.