When Ethernet was developed, it seemed reasonable to disregard any security considerations in the design decisions and to leave the burden of securing the network to higher-level architecture, encryption, and so on. Over time, however, this initial decision has begun to contribute to the overall maintenance costs of Ethernet networks and the difficulty of keeping them reasonably hack proof without sacrificing functionality in some ways.

The problem is hardly limited to the Ethernet, either. Many networks designed to be trusted based on physical-access or equipment-access criteria—including, for example, most of the world’s phone systems—are inherently and uncontrollably exposed to internal threats with little or no way to efficiently ...