[Talk] re: Security Implications of Homogeneity

David Bullock db at dawnbreaks.net
Wed May 12 22:15:37 EST 2004


On Wed, 12 May 2004, Con Zymaris wrote:

> On Wed, May 12, 2004 at 09:08:05AM +1000, Russell Standish wrote:
> > On Tue, May 11, 2004 at 10:53:20PM +1000, David Bullock wrote:
> > > Where is the research that indicates the degree of
> > > heterogeneity required to achieve levels of network
> > > robustness?
> > >
> > > Are 2 alternatives enough, or does it take 10
> > > alternatives to really make a difference?
> > >
> > > For example, Jim Waldo says at:
> > >
> > > http://java.sun.com/developer/technicalArticles/Interviews/waldo_qa.html
> > >
> > >   "It is an interesting question as to what the actual
> > >    dimensionality of a network is, measured as the average
> > >    number of connections between points. Some research that
> > >    I've read shows that the dimensionality is some fractal
> > >    between 7 and 8. This means that as the network doubles
> > >    in size (the number of nodes, or points) the volume of
> > >    the network (a measure of the number of interconnections)
> > >    goes up by some power of between 7 and 8."
> > >
> > > (He points out how this exponential growth of the network
> > > is faster than Moore's law).
> >
> > Sorry to be a pedant, but scaling to the power of a, where 7<a<8,
> > could be stated as doubling the size of the network increases the
> > volume by 2^a.

'Exponential' would have been my imprecise language for
'increases very rapidly' :-)   Waldo wasn't guilty of it.


> You're answering the wrong question. The right question is:
>
>  Is there an appreciable gain in system and network survivability if more
>  than one, orthogonally different platform is used throughout an
>  organisation?
>
> Ancillary question:
>
>  If so, what's the optimum number of platforms, taking into consideration
>  maintenance TCO issues.

Yep, that's what I am getting at.  For example, current
worms are infecting a very large percentage of machines
that connect to the internet.  Is simply halving the
number of infectable machines (via heterogeneity) enough
to prevent the worm manifesting effects at the large scale
we currently see?  (probably not)  Presumably there is
*some* number of different platforms whereby there is never
sufficient homogeneity for such a worm to get off the
ground at all.  What is that number?  Is it practical to
expect this degree of diversity in the network?  What
are its global effects on TCO?

People would probably listen a bit more to the heterogeneity
argument, if there was some research backing it up.

cheers,
David
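The message above asks whether halving the infectable population is enough to stop a worm, and whether some number of platforms starves it entirely. As an added illustration that is not part of this thread, the standard SIR epidemic model applied to a random-scanning worm gives both answers, and is carried through to the general k-platform threshold rather than just the halving case. The host count, scan rate and cleaning rate are constructed values, and the model assumes uniform random scanning, equal-sized platforms and no cross-platform infection.

```python
import math

def r0(hosts, platforms, address_space, scan_rate, clean_rate):
    """Basic reproduction number of a random-scanning worm: expected new
    infections one infected host causes before it is cleaned.  Only hosts on
    the worm's own platform (hosts / platforms) are susceptible.  R0 < 1 means
    the worm never gets off the ground."""
    susceptible = hosts / platforms
    return scan_rate * susceptible / (address_space * clean_rate)

def platforms_needed(hosts, address_space, scan_rate, clean_rate):
    """Smallest number of equal-sized, mutually non-infectable platforms that
    forces R0 below 1 for a worm confined to one of them."""
    return math.floor(scan_rate * hosts / (address_space * clean_rate)) + 1

def simulate_worm(hosts, platforms, address_space, scan_rate, clean_rate,
                  ticks=2000, initial_infected=1):
    """Deterministic SIR run of the worm.  Returns (peak fraction of the
    susceptible platform infected at once, tick at which that peak occurs)."""
    susceptible = hosts / platforms - initial_infected
    infected = float(initial_infected)
    peak, peak_tick = infected, 0
    for t in range(1, ticks + 1):
        # Each scan lands on a still-susceptible host with probability
        # susceptible / address_space; cleaned hosts are assumed patched.
        new = min(susceptible, infected * scan_rate * susceptible / address_space)
        cleaned = infected * clean_rate
        susceptible -= new
        infected += new - cleaned
        if infected > peak:
            peak, peak_tick = infected, t
    return peak / (hosts / platforms), peak_tick

# Constructed, illustrative parameters: 360,000 hosts in the IPv4 space,
# 1,000 scans per infected host per tick, 1% of infected hosts cleaned per tick.
HOSTS, SPACE, SCANS, CLEAN = 360_000, 2 ** 32, 1_000, 0.01

if __name__ == "__main__":
    for k in (1, 2, 4, platforms_needed(HOSTS, SPACE, SCANS, CLEAN)):
        frac, when = simulate_worm(HOSTS, k, SPACE, SCANS, CLEAN)
        print(f"{k:2d} platform(s): R0={r0(HOSTS, k, SPACE, SCANS, CLEAN):.2f} "
              f"peak={frac:.1%} of susceptible hosts at tick {when}")
```

With these numbers, two platforms roughly halve R0 and more than double the time to peak but the worm still saturates, while the threshold k* = scan_rate * hosts / (address_space * clean_rate) is the model's "that number". Because k* depends entirely on the scan and cleaning rates, the question really does need measured data rather than a rule of thumb.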