Information Security Architecture

Defense in depth is a military strategy; it seeks to delay rather than prevent the advance of an attacker. Rather than defeating an attacker with a single, strong defensive line, defense in depth relies on the tendency of an attack to lose momentum over a period of time or as it covers a larger area.

The idea of defense in depth is now widely used to describe multi-layered or redundant protections for non-military situations, both tactical and strategic. In this respect there is a similarity with Japanse castles and the defensive mechanisms.

The Japanse Castles analogy
In the past Japanese castles were very well defended. To be short: it was almost impossible to penetrate the main buildings. The pathways you are walking on make a zigzag maze to the castle itself. Though we think to approach the castle, we soon go forward another way and come to the stone and plaster walls.
This maze is wel thought over and part of tcastle-2he defensive layout. From the main gate to the inner courtyard of the castle is much shorter distance. In fact the path can be two and a half times as long as that. Just to slow down the enemy and make it difficult to pass all the defensive mechanism right away.

 

Moreover, the passages are narrow because of the steep stairs and slopes, and it is between tall stone and plaster walls, so we feel as if we were walking along the bottom of a ravine. If enemy soldiers attacked along this path, a great number of them would not be able to pass in a group because of this narrow pathway.
Furthermore, there are slits and loopholes in the walls and corridors. If the enemy attacked somewhere in the castle, they should be fired at. They are made to protect the castle.

castle-5

The arrangement of gates and walls sees one of the key tactical designs of the Japanese castle. It is a complex system of a great many gates and courtyards leading up to the central keep and serves as one of the key defensive elements. This was, particularly in the case of larger or more important castles, very carefully arranged to impede an invading army and to allow fallen outer portions of the compound to be regained with relative ease by the garrisons of the inner portion.

 

 

 

castle-3The defenses of Himeji castle are an excellent example of this. As an invading army passed through the outer rings of the Himeji compound, it would find itself directly under windows and loopholes from which they are attacked and also in a position that made them easy targets for archers in the castle’s towers. Gates were often placed at tight corners, forcing a bottleneck effect upon the invading force, or even simply at right angles within a square courtyard. Passageways would often lead to blind alleys, and the layout would often prevent visitors (or invaders) from being able to see ahead to where different passages might lead. All in all, these measures made it impossible to enter a castle and travel straight to the center. Invading armies, as well as, presumably, anyone else entering the castle, would be forced to travel around and around the complex, more or less in a spiral, gradually approaching the center, all while the defenders prepared for battle, and rained down arrows and worse upon the attackers. All of that said however, castles were rarely forcibly invaded.  The castle was a symbol of defensive capacity with which to impress or discourage the enemy.

In IT we can think about defense mechanisms in a more or less similar way. Computer systems, applications, networks also need their protection and goes along
the same path of a multi-layer approach. A set of measures that create a powerful chain in Information Security.


icranium-castle