Edge: TURING’S CATHEDRAL by George Dyson

Edge.org has an essay by George Dyson loosely concerning his recent visit to Google. Though the entire essay is worth a read, I was particularly drawn to a few comments on distributed systems which are in line with some of my concerns around the scalability of the central server security architecture:

In a digital computer, the instructions are in the form of COMMAND (ADDRESS) where the address is an exact (either absolute or relative) memory location, a process that translates informally into “DO THIS with what you find HERE and go THERE with the result.” Everything depends not only on precise instructions, but on HERE, THERE, and WHEN being exactly defined. It is almost incomprehensible that programs amounting to millions of lines of code, written by teams of hundreds of people, are able to go out into the computational universe and function as well as they do given that one bit in the wrong place (or the wrong time) can bring the process to a halt.

Biology has taken a completely different approach. There is no von Neumann address matrix, just a molecular soup, and the instructions say simply “DO THIS with the next copy of THAT which comes along.” The results are far more robust. There is no unforgiving central address authority, and no unforgiving central clock. This ability to take general, organized advantage of local, haphazard processes is exactly the ability that (so far) has distinguished information processing in living organisms from information processing by digital computers.

Network security used to be focused on special-purpose devices scattered around the network (firewalls, IDS, etc.). Similarly, network identity applied to only a small percentage of connections (dial-up and VPN). I’m not sure this model will hold in the long run, primarily because almost every device in a modern enterprise network now has a security component (routers, switches, APs). Furthermore, with the advance of 802.1X and other network authentication protocols, unauthenticated network connectivity will diminish. So when every device is doing security, and every network connection is authenticated, can we really rely on the HAL-9000 approach, a single central authority, for policy management and enforcement? I need to put together more thoughts on this, but models like IP routing tables and DNS hierarchies are starting to look like far sounder ways to organize security policy and enforcement.
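As an added example (not part of this post or of Dyson's essay), here is what policy "organized like an IP routing table" could look like: each enforcement point holds its own prefix-keyed table and resolves the action for an address by longest-prefix match, with a default route that fails closed, so no central lookup is needed at enforcement time. The table entries and helper names are assumptions constructed for the illustration.

```python
import ipaddress

# Constructed example: a policy table modelled on a router's forwarding
# table. Each entry maps a network prefix to an action; the most specific
# matching prefix wins, exactly as longest-prefix match picks a next hop.


def build_policy_table(entries):
    """entries: iterable of (prefix string, action string).

    Returns a list of (ip_network, action) sorted most-specific first so
    that a linear scan yields the longest-prefix match."""
    table = [(ipaddress.ip_network(p, strict=False), a) for p, a in entries]
    table.sort(key=lambda e: e[0].prefixlen, reverse=True)
    return table


def resolve(table, address):
    """Return the action for `address` from the most specific matching
    prefix. A 0.0.0.0/0 (or ::/0) entry acts as the default route; if no
    entry matches at all, return None so the caller can treat the address
    as unresolvable rather than silently allowing it."""
    ip = ipaddress.ip_address(address)
    for net, action in table:
        if ip.version == net.version and ip in net:
            return action
    return None


# Constructed sample table for a single access switch. Entries are
# listed in arbitrary order; build_policy_table() orders them.
SAMPLE_TABLE = build_policy_table([
    ("0.0.0.0/0", "deny"),             # default route: fail closed
    ("10.0.0.0/8", "allow-internal"),
    ("10.20.0.0/16", "allow-guest"),
    ("10.20.5.0/24", "quarantine"),    # most specific prefix wins
])

if __name__ == "__main__":
    for addr in ("10.20.5.7", "10.20.9.1", "10.1.1.1", "192.168.1.1"):
        print(addr, "->", resolve(SAMPLE_TABLE, addr))
```

Because every switch can evaluate its own table locally, adding a more specific prefix (such as a quarantine subnet) changes behaviour without consulting a central policy server on each connection.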
