[Talk] mre: Security Implications of Homogeneity

Con Zymaris conz at cyber.com.au
Wed May 12 10:44:02 EST 2004 

On Wed, May 12, 2004 at 09:08:05AM +1000, Russell Standish wrote:
> On Tue, May 11, 2004 at 10:53:20PM +1000, David Bullock wrote:
> > Where is the research that indicates the degree of
> > heterogeneity required to achieve levels of network
> > robustness?
> > 
> > Are 2 alternatives enough, or does it take 10
> > alternatives to really make a difference?
> > 
> > For example, Jim Waldo says at:
> > 
> > http://java.sun.com/developer/technicalArticles/Interviews/waldo_qa.html
> > 
> >   "It is an interesting question as to what the actual
> >    dimensionality of a network is, measured as the average
> >    number of connections between points. Some research that
> >    I've read shows that the dimensionality is some fractal
> >    between 7 and 8. This means that as the network doubles
> >    in size (the number of nodes, or points) the volume of
> >    the network (a measure of the number of interconnections)
> >    goes up by some power of between 7 and 8."
> > 
> > (He points out how this exponential growth of the network
> > is faster than Moore's law).
> 
> Sorry to be a pedant, but scaling to the power of a, where 7<a<8,
> could be stated as doubling the size of the network increases the
> volume by 2^a.
> 
> I'm sorry, but this is a lot slower than exponential (doubling the
> network squares the volume).
> 
> (Maybe what is actually meant is that because the number of nodes is
> increasing exponentially, then the number of interconnections
> increases exponentially with a rate 7-8 times faster. I'm guessing here...)

You're answering the wrong question. The right question is: 

 Is there an appreciable gain in system and network survivability if more 
 than one, orthogonally different platform is used throughout an 
 organisation? 

Ancillary question:

 If so, what's the optimum number of platforms, taking into consideration 
 maintenance TCO issues.


-- 
_____________________________________________________________________________
Con Zymaris <conz at cyber.com.au> Level 4, 10 Queen St, Melbourne, Australia 
Cybersource: Australia's Leading Linux and Open Source Solutions Company 
Web: http://www.cyber.com.au/  Phone: 03 9621 2377   Fax: 03 9621 2477

More information about the Talk mailing list