Establishing the perfect network security plan for any organization requires a number of tools and solutions (just visit https://www.fortinet.com/products/management/fortimanager and learn all about it). In this post, I want to discuss one of those tools: distributed trust. Distributed trust is a system for securing the Internet of Things, and we can use open source tools to make it happen.
Before we can get into how distributed trust works, we need to understand what exactly a trust graph is. In order to understand distributed trust, we need to think of trust in the context of a graph. A graph is a tree structure with nodes and edges. An important aspect of a trust graph is that trust is represented in the form of a graph and not in the binary sense. For example, in the following trust graph, we see that the group of nodes has a higher degree than the edges of the graph.
To make distributed trust work, you need to create trust relationships between nodes. A graph can’t just represent trust relationships without also representing the information they contain. In a distributed trust network, we need to have nodes with permission to pass information between each other. In the next part, I will discuss some common models for distributed trust that you can use.
On the topic of permissions, the notion of privilege-based cryptography is a great example of a model for distributed trust. The logic of how to make it work is similar to how a distributed graph works. When two users in a centralized network have the same set of permissions, the network is vulnerable to a Denial of Service (DoS) attack. When two users in a distributed network have a higher degree of permissions on each other, they can coexist more efficiently in the network. The mechanism for this is called BGP.
One model of how to design distributed trust using BGP is called the Cloud VPN. It doesn’t rely on any of the above mechanisms, but instead utilizes the capability of the L2TP (Left-to-Right Tunneling Protocol) Layer 2 protocol to enable flexible configurations for users and gateways. Cloud VPNs are a great tool for implementing distributed trust, but you don’t have to build your own VPN for a distributed trust solution to work. Most companies that create distributed trust tools are using Cisco IOS, so IOS makes for a great BGP solution as well. If you need a business phone and internet connection that’s reliable and secure, visit sites like https://www.eatelbusiness.com/business-phone/ and check their packages.
In the case of BGP, you designate one endpoint (the “gateway”) to serve the global Internet, then you set up routing rules in a routing protocol like GRE. In a BGP network, the client sends its routing information to the gateway and then the gateway determines how to route the information to its destination. In the case of BGP, we cannot see any other information about the individual users or gateways in the network. Because BGP is a protocol that communicates directly with other networks, you can fully trust that the individual processes that create routing information in the network (e.g., routers) don’t try to send the information in the wrong way, especially if they only have data to transmit. If you do, you might lose data. Be sure to back up before doing the process. Visit sites like venyu.com/colocation/ to know how you can protect your data.