Network
Security Model (NSM)
The Open Systems Interconnection
model (OSI), developed in 1983 by the International
Organization for Standardization (ISO), has been used as a
framework to teach networking basics and troubleshoot networking
issues for the last 25 years. It has been so influential in
network development and architecture that even most of the network
communication protocols in use today have a structure that is
based on it. But just as the OSI model never fails us, we find that
we are lacking a standard that all network security professionals
can adhere to, a Network Security Model (NSM). Today’s sophisticated
and complex networks provide the fundamental need for the
NSM.
The proposed Network Security Model
(NSM) is a seven layer model that divides the daunting task of
securing a network infrastructure into
seven manageable sections. The model is generic and can apply to
all security implementation and devices. The development of the NSM
is important because unity is needed in securing networks, just as
unity was needed in the architecture of networks with the development
of the OSI model. When an attack on a network has succeeded it is
much easier to locate the underlying issue and fix it
with the use of the NSM.
The NSM will provide a way to teach
and implement basic network security measures and devices as well
as locate underlying issues that may have
allowed an attack to succeed. Traditionally we work from
the bottom up to determine which layer has failed on the OSI model,
but on the NSM we will work from the top down to determine which
layer has failed.
Why do
we need a Network Security Model?
A well structured NSM will give the
security community a way to study, implement, and maintain
network security that can be applied to any network. In
study, it can be used as a tool to breakdown network security
into seven simple layers with a logical process. Traditional books
have always presented network security in an unorganized
fashion where some books cover issues that other books may
completely neglect. In implementation, it can be used by network architects
to insure that they are not missing any important security details
while designing a network. In maintaining existing networks
it can be used to develop maintenance schedules and lifecycles for
the security of the existing network. It can also be used to
detect where breaches have occurred so that an attack can be mitigated.
The NSM is beneficial to all types
of professionals. Let us not forget professionals who are
transitioning into positions previously held by other
network security professionals. Currently, learning what
security techniques are implemented on a network and which ones have
not can be a daunting task when the basic security structure of the
network is unclear. The NSM provides that basic structure. It provides
the new professional with the knowledge to discover what has
been implemented and what has not been implemented from a security
standpoint. Without an NSM, the network security community faces
potential chaos as professionals continue to implement their own
versions of secure networks without adequate structure.
