Security is like a Medieval royal escort
It needs to know who can and can't have access to the king and the crown jewels. By Taher Elgamel, CTO, Tumbleweed Communications.
Let's compare a connected network to a medieval city surrounded by a high wall. The age-old security model of building a wall to separate insiders from outsiders no longer applies to the connected world. New security has to extend beyond the boundaries of an enterprise to protect data in motion. The new world needs us to change the way we think about securing our important data, rather than only attempting to secure the network infrastructure from outside threats. Security needs to act like a royal escort, opening up the computing environment while keeping security risks out by personally guarding the king's treasure (or sensitive data in 2008) at all times so it never falls into the wrong hands. Content-based security provides the best route forward to protect the electronic assets.
Security is a hotel
Checking in guests, one at a time. By Shane Buckley, CEO Rohati Systems.
There are lots of guests and staff coming and going -- short stay, extended stay, hourly transients, permanent residents, staff... The dynamic population makes locking the lobby doors impractical, as that would severely impact the flow of commerce. There is some filtering applied via the doorman, but entitlement and access to rooms and services (mini bar, pay TV, laundry, pool, room safe, staff lounge) is based on guests' and staffs' attributes.
Security is a chain
Every link needs to be strong. By Ari Takanen, CTO, Codenomicon.
The old security market model -- where you built walls around your vulnerable systems -- is finally coming to its end. This model never solved any significant problems; it just provided a reactive means of catching attacks and attackers. Today, that hard candy security shell of the M&M candy has melted, revealing the soft chocolate within for anyone to exploit. Now that the old security model has been exposed, businesses are focusing on the real problem facing the industry: the actual flaws in the code. Maybe (eventually) it will be time to finally tear down the hard candy walls, so that we can let people see all the marvelous details within the temple. This is what security has always been about. Security is as strong as the weakest component. If all pieces are rock solid, the entire construct becomes strong and impenetrable.
Security is like DNA
It must become genetic code, designed from the inside out. By Carols Solari, VP of Security, Bell Labs.
Data security must become genetic -- designed from the inside out like DNA. The idea is that security for future systems is not a coat of armor, but is something that is designed inside, that is inherited and that is pervasive. It is a part of the system - whether it is the end-device, or the file that must be protected wherever it is shared so that we can always vouch for its integrity. As data-voice-video can be manipulated at the pixel level, the notion that security must be an inherited feature in the DNA is the idea.