The security of our communication links
How secure are our communication links? Is it more secure to pay a bill by transmitting an unencrypted credit card number over a frame relay circuit or sending a check by U.S. mail? Is a normal frame relay circuit any more secure than going over the Internet?
These are good questions, and a good deal of what you want to know depends on what you mean by secure. If we talk about security in terms of the confidence we have that the whole system will work reliably and without loss, then it's an interesting thing to look at.
To answer your first question, all things being equal, it's more secure to use a credit card than to use a check. If you use a check, you assume the risk. If you use a credit card, the credit card company assumes the risk. It's always more secure to get someone else to assume risks. If the credit card payment is misappropriated, you can dispute it, and almost always get the proper payment to the person you want to pay and unauthorized payments reversed. If the wrong person cashes your check, you're basically out of luck. Yes, you could get the police involved, but they're harder to deal with than the credit card company, and they're not going to give you your money back.
The next issue is how secure the transport is -- if you are 30% certain the credit card number will get to the right place, and 99.9% certain the postal mail will, then the postal mail is arguably more overall secure.
The postal mail and the Internet are both extremely reliable. Both fail all the time (just this last Dec./Jan. it took six weeks for a check of mine to get from my house in Calif. to the person I wanted to pay in Ohio), but they're both very reliable.
However, in general, I find out about network failures faster than I discover postal failures. If a net payment service blows up, I know about it right away. If my check gets lost in the mail, it may show up in Aberdeen 112 years late.
Summing up, I'll go for the network being more secure for all the same reasons that "the check's in the mail" is a much better excuse than "the packets are being retransmitted."
For your second question, allow me to say that frame relay is pretty much the telco equivalent of the Internet. It's a cloud-like packet-switched network. The overall security of such a network link is related to how many hops your packets make, and who they hop through. I agree with you, if all you are doing is sending packets, it really doesn't matter whether you're using a frame relay circuit or the Internet.
One could make the argument that if you purchase a frame relay line from a telco, the data passes through fewer hands and is therefore more secure. There are many "yes, buts" that you can add to that argument.
Nonetheless, it is relatively easy to secure a network connection by using routers that use IPsec or some other VPN protocol. If you do this, you're pretty immune to virtually all the bad things that can happen to your data, and again, then it wouldn't make a difference whether you used the Internet or a frame relay circuit.
Let's also look at this another way. Suppose you are designing a new link between an East Coast and West Coast site. You and I might agree that there's not much difference between a frame relay link and the Internet, but other people might not. However, if we use the Internet and an IPsec router, the objections go away. On top of that, if we used frame relay, we'd still want to use a secure router. And if you're using a secure router, then the frame-vs-Internet decision should be made by cost alone.
This was first published in March 2001