¶ … new High Assurance Domain (HAD) Project has been ensuring businesses and individual users enhanced networking and communications security. The HAD project was expressly "created to foster development and deployment of new network security technologies to increase trust in online communications," ("High Assurance Domain (HAD) Project," 2012). In fulfillment of the HAD primary objectives, developers are compiling a range of technologies and protocols. Observers have noted current weaknesses in Internet protocols and general networking architecture. These weaknesses can and have been exploited. Learning from these weaknesses has led to the development of more secure protocols and systems "to aid in building trust between consumers and business (C2B), business to business (B2B) and consumer to government (C2B) communications," ("High Assurance Domain (HAD) Project," 2012). For the most part, the HAD vision offers sound ways of boosting security and operational robustness, while also complying with new standards and regulations.
The most important components of HAD include DNS Security Extensions (DSNSEC), IPv6, Automated Compliance Testing using the Secure Content Automation Protocol (SCAP), Email Authentication and Verification of Email Servers, and Trusted Infrastructure for Identity Management (for individuals and non-human services) ("High Assurance Domain (HAD) Project," (2012). Each of these components ensures compliance with National Institute of Standards and Technology (NIST) recommendations for information security (Bowen, Hash & Wilson, 2006). Moreover, these components also represent long-range planning in coordination with emerging federal mandates. As of 2010, the federal government began implementing regulations related to Internet routing security (Marsan, 2010). As much as $3 billion was allocated in that year alone. Investments into Internet security have risen since then, to account for the growing need for security at the enterprise and individual level. A series of malicious attacks threatening government, business, and other sensitive domains has bolstered the need to ramp up security management.
Like its predecessor plans such as Resource Public Key Infrastructure (RPKI), the HAD project consists of a variety of protocols and systems technologies that can work together and in tandem. This means that the entire network is bolstered by back-up plans and contingencies, as well as offering a multi-layered security system. Furthermore, operational robustness is ensured by the long-term strategic development planning that HAD entails.
HAD is not without its weaknesses. The vision lacks clearly designated modes of intruder detection. Algorithms used for risk analysis and assessment would also be helpful, but such things can also fall outside of the domain of network security and routing security. As funding for information security increases in both the public and private sector, it will be easier to fill the gaps that HAD has currently, creating opportunities for more operational robustness in the future.
You’re 83% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.