The Awards: Best network service provider security architecture

I've been looking at a lot of different technical security architectures
for network providers. Obviously many providers keep their security
secret, so they may or may not have a decent security architecture.
Nevertheless there is still a lot of good information available from
government agency networks, academics and vendors.

The best network service provider security architecture document

First Place: Information Assurance Technical Framework
Second Place: The ESNET unclassified Security Plan
Third Place: University of Washington Network Security Credo

From the IATF document

5.1 Availability of Backbone Network

I would disagree about item #3, IP is a datagram service, and does not
protect against delay or packet drops (see item #1). Otherwise this is a
decent list of functional security requirements for most Internet
backbone providers. Its short, but covers the big items.

1. BNs must provide an agreed level of responsiveness, continuity of
    service and resistance to accidental or intentional corruption of the
    communications service. (The agreement is between the owners of the
    network and the users of the network.)

2. BNs are not required to provide security services of user data
   (such as confidentiality and integrity)that is the user's

3. BNs must protect against the delay, misdelivery, or nondelivery of
   otherwise adequately protected information.

4. BNs, as a part of the end-to-end information transfer system, must
   provide the service transparently to the user.

5. As part of the transparency requirement, the BN must operate
   seamlessly with other backbones and local networks.

I absolutely agree with Item 3. Sure, IP itself doesn't protect against
those things, but if a BN doesn't provide service without delay, misdelivery,
or nondelivery of otherwise adequately protected information (valid packets),
then the BN isn't very useful.

If I met all the other criteria here, but blackholed half the traffic, my
BN wouldn't be very good.


If you have done a good job negotiating Item 1, item 3 is redundant. On
the other hand if you have choosen a crappy backbone in Item 1, using
VPN/SSL/whatever to secure your packets won't help delay or nondelivery
of packets.