>> Security compares what the state currently looks like to what the state >> should look like. > > the problem is how does one know what the state of the system 'should' > look like?
My understanding has always been that the point of any security system is provide a secure and verifiable indication of what the system should look like in order to compare current events against that standard. For instance, could you secure an airport without some idea of who should be where and when they should be there? Or your house? How do you detect "attack traffic," in your network? By seeing things that shouldn't be there. If you don't know what it's supposed to look like, how can you tell what's not supposed to be there? In the same way, how can you "secure" the routing system without knowing what routes should be where --in other words, without knowing what everyone intended to advertise? Saying "it's okay if we know what it was supposed to look like a week ago," doesn't, IMHO, solve the problem at hand. :-) Russ _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
