Preface
In today's world, where computer viruses and security threats are common themes in anything from Hollywood movies and TV advertisements to political discussions, it seems unthinkable to ignore security considerations in the design and implementation of any network. However, it is only in the past 4–5 years that talkative security experts have been invited to the design table from the start. The common thinking only 5 years ago was either: this is somebody else's problem or let us design the major functionalities first, then bring in a cryptographer to secure it! This treatment of security as an add-on feature typically led either to design delays, overheads and extra costs when the "feature" had to be included, or to ignored security provisioning when the "feature" was not a must. The problem, of course, stemmed from the fact that security "features" have rarely been revenue-makers. As we all know, many political, social and economic events in the last half decade have forced the designers, regulators and businessmen to adjust their attitudes towards security considerations. People realized that although security measures are not revenue-makers, their lack is indeed a deal breaker, to say the least, or has catastrophic aftermaths, at worst.
The Internet Engineering Task Force (IETF) has also played an important role in establishing the aforementioned trend by making a few bold moves. The rejection of some very high profile specifications due to the lack of proper security ...
Get AAA and Network Security for Mobile Access: Radius, Diameter, EAP, PKI and IP Mobility now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
