Comparison of Basic Security Strategies


Security by Obscurity Strategy
The basis of the first fundamental strategy is stealth. That is, if no one knows that an organization’s IA baseline and Critical Objects exist, they will not be subject to threats. The intent is to achieve sufficient security by hiding an organization’s automated capabilities and the access to those capabilities, or at least by not advertising their existence. IA does involve the use of stealth to a certain extent. However, organizations increasingly use their automated capabilities to interact with customers and potential customers, which makes this strategy neither practical nor realistic.

The Perimeter Defense Strategy
This strategy is a more concentrated defensive effort and is predominantly technical in nature. It focuses on threats from those who are outside the bounds of authorized users of the organization’s IA baseline and Critical Objects. The organization’s IA capabilities are primarily located within a “zone” or “border” of defense between the “insiders” and the “outsiders.” This strategy has been compared to the “Maginot Line” that existed as a defensive perimeter or border between the allied nations and Germany during World War I. An example of this concentrated strategy is a firewall device connected on one side to the Internet (i.e., the outside of the organizational border) and on the other to what is considered the organization’s own trusted internal network.

Defense in Depth Strategy
The Defense in Depth strategy takes a much broader approach by defining a number of operationally interoperable and complementary technical and nontechnical IA layers of defense. The critical fact is that the totality of these layers is what provides a cohesive and integrated process for defense, in the same way that the seven layers of the Open Systems Interconnection (OSI) Basic Reference Model provide a process for communications. The Defense in Depth strategy recognizes that, because of the highly interactive nature of the various systems and networks, no single system can be adequately secured unless all interconnected systems are adequately secured. An IA solution for any system must be considered within the context of this shared risk environment. Therefore, layers of protection are needed to meet IA needs. The layers are also complementary: multiple layers offset the weaknesses of other layers.

