availability

[George Jones <gmj@pobox.com>]

On Fri, 20 Feb 2004, Ross Callon wrote:

> It seems implicit that part of what this document calls "security" is
> the ability to keep the network operating at all.

Bingo.

> When initially reading this document I took it as implicit that
> availability of the network is part of "security". However, it might not
> be a bad idea to explicitly say this up front.

Current draft says...

03> 1.2 Motivation
03>
03>    Network operators need tools to insure that they are able to manage
03>    their networks securely and to insure that they maintain the ability
03>    to provide service to their customers.
03>    .
03>    .
03>    .

Current working copy (not much changed here) says:

04> 1.4 Definition of a Secure Network
04>
04>    For the purposes of this document, a secure network is one in which:
04>
04>    o  the network keeps passing legitimate customer traffic
04>       (availability)
04>
04>    o  traffic goes where it is supposed to go (availability,
04>       confidentiality)
04>
04>    o  the network elements remain manageable (availability)
04>
04>    o  only authorized users can manage network elements (authorization)
04>
04>    o  there is a record of all security related events (accountability)
04>
04>    o  the network operator has the necessary tools to detect and respond
04>       to illegitimate traffic

Do you think it needs to be more explicit ?  In the abstract or goals ?
Wording ?

Thanks,
---George