De-perimeterisation as a cycle: tearing down and rebuilding security perimeters

A. van Cleeff, Roelf J. Wieringa

    Research output: Book/ReportReportProfessional

    40 Downloads (Pure)

    Abstract

    If an organisation wants to secure its IT assets, where should the security mechanisms be placed? The traditional view is the hard-shell model, where an organisation secures all its assets using a fixed security border: What is inside the security perimeter is more or less trusted, what is outside is not. Due to changes in technologies, business processes and their legal environments this approach is not adequate anymore. This paper examines this process, which was coined de-perimeterisation by the Jericho Forum. In this paper we analyse and define the concepts of perimeter and de-perimeterisation, and show that there is a long term trend in which de-perimeterisation is iteratively accelerated and decelerated. In times of accelerated de-perimeterisation, technical and organisational changes take place by which connectivity between organisations and their environment scales up significantly. In times of deceleration, technical and organisational security measures are taken to decrease the security risks that come with de-perimeterisation, a movement that we call re-perimeterisation. We identify the technical and organisational mechanisms that facilitate de-perimeterisation and re-perimeterisation, and discuss the forces that cause organisations to alternate between these two movements.
    Original languageUndefined
    Place of PublicationEnschede
    PublisherInformation Systems (IS)
    Number of pages29
    Publication statusPublished - 5 Dec 2008

    Publication series

    NameCTIT Technical Report Series
    PublisherCentre for Telematics and Information Technology, University of Twente
    No.WoTUG-31/TR-CTIT-08-65
    ISSN (Print)1381-3625

    Keywords

    • SCS-Services
    • METIS-254955
    • IR-65183
    • EWI-14329

    Cite this

    van Cleeff, A., & Wieringa, R. J. (2008). De-perimeterisation as a cycle: tearing down and rebuilding security perimeters. (CTIT Technical Report Series; No. WoTUG-31/TR-CTIT-08-65). Enschede: Information Systems (IS).