Balkanizing the Internet

Tuesday, November 01, 2011

Gabriel Bassett

C70bb5cfd0305c9d18312d92f820c321

In light of the UK cyber security summit, I thought it might be appropriate to discuss the balkanization of the internet. 

This is not a story about where the internet should go, or could go, but where it will go.  Market forces will simply guide us to this end.  Honestly, that's probably OK.

The internet is really not one contiguous environment.  Instead, due to the nature of service contracts and peering agreements, it's a mesh of interconnected information systems.  These information systems are already undergoing a balkanization as we speak. 

Companies require business only be conducted within their network.  ISPs require strict agreements as well as providing some minimal security protections.  VPN services provide a completely open connection in which you provide your own security. 

Some governments attempt to completely control the content of their information systems.  The FBI even suggested an alternate internet for critical systems.

In the end, what is important is that we explicitly recognize what is going on.  Through multiple technologies (remote desktops/shells, VPNs, hosting services, etc), we have the ability to choose an information system or systems to exist within. 

We may choose to conduct our day-to-day personal network use within our home information system, buried within our ISP information system, buried within our country information system.  We may choose to host a website within a information system specifically designed to protect web servers. 

We conduct our business duties through a VPN to our corporate network.  And we have one system residing on a VPN to an uncontrolled provider who does not restrict our actions but offers us no security.

At the conference, hopefully those leaders in attendance understand that they are making agreements about how their country or corporate information systems will interact with each other. 

However, they must realize that there will be information systems which will not agree to their rules, (and which they can then choose to defend themselves against).  They must also understand that people may not choose to agree to their terms for existing within their country or provider information system and instead have the choice to exist in another.

Thats not to say that people won't have to pay for their physical connection, but in most places there are multiple options (cable, DSL, dial-up, satellite, cellular, RF/wimax/wireless, etc). 

And even if you are restricted to a physical provider, no group has ever been able to block people's connectivity.  The ability of malware to circumvent even the best companies' security, or people to circumvent the great firewall of China, bears this out.

There is great potential for companies and countries to offer information systems which provide varying services (security, QoS, etc) in return for the member being burdened in various ways (payment, use agreements, etc). 

If we ignore the inherent balkanization as well as people's freedom of choice, the internet will grow, but without the clarity which could provide people, companies, utilities, and governments the service and security they need at burdens they are willing to accept.

Possibly Related Articles:
8396
Enterprise Security
Information Security
Government Virtualization Regulation internet Free Market ISP balkanization
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.