Ever since Netflix released all of Studio Ghibli’s masterpieces earlier this year, I have been taking a trip down memory lane, revisiting animated movies that made up a massive part of my formative years. While “Howl’s Moving Castle” (2004) is excellent viewing, as usual, it also turns out to be a great analogy for my day-to-day cloud architecture work. The door to the castle turns out to also be a portal to the capitals of several kingdoms. Transporting oneself from one place to another is a matter of changing the sign on the door before opening it. Owned by a wizard named Howl, the castle can move through the moors and hills, and still appears to be just another house in the different towns. Naturally, there are many plots and twists in the movie, but it has always been the castle with its arthropod-like limbs that impresses me the most. A fantasy gothic castle with the best view of the landscape that can move anywhere, and yet can have easy connectivity to the hoi polloi - wouldn’t it be great to be in one?
It did not take long for my thoughts to flow from Howl’s castle to cloud security, because the castle has been a popular metaphor in security designs. For many years, “castle-and-moat” has been the primary security strategy, where teams focus on building network firewalls, proxy servers, honeypots, and other intrusion prevention mechanisms. There are strong defenses and verification on the data packets and the identities of users that enter and leave the network perimeter, but once inside the network - the castle - it is assumed that traffic therein is trusted and safe.
Several well-known security attacks in recent years have shown that the most damaging security threats often come from compromised identities. As workflows touch more and more dispersed assets in disjoint networks, a comprehensive “castle-and-moat” is no longer feasible. Replacing “castle-and-moat” is a “zero-trust” policy that often involves multi-step authentication and fine-grained authorizations. With zero-trust, even when one gets passage through the gate to the castle, every attempt to enter a different chamber, a different turret or even the dungeons of the castle is verified, and each such attempt is recorded in tamper-proof access logs. Howl’s moving castle is effectively the mission-critical infrastructure. While “castle-and-moat” and “zero-trust” are known security designs, how about taking it one step further, where we add mobility into the design?
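The zero-trust behaviour described above (every chamber entry checked on its own, every attempt written to a log that reveals tampering) can be shown in a few lines of Python. This is an added example, not code from the original post; the policy table, user names, and the `enter`, `AccessLog` and `demo` names are constructed for illustration.

```python
import hashlib, hmac, json

# Constructed policy: (role, chamber) pairs that are allowed; everything else is denied.
POLICY = {("steward", "kitchen"), ("steward", "turret"), ("warden", "dungeon")}
GENESIS = "0" * 64

def _digest(prev, entry):
    # Each record's hash covers the previous hash, chaining the log together.
    body = json.dumps(entry, sort_keys=True).encode()
    return hashlib.sha256(prev.encode() + body).hexdigest()

class AccessLog:
    """Append-only log where each record commits to the one before it."""
    def __init__(self):
        self.records = []

    def append(self, entry):
        prev = self.records[-1]["hash"] if self.records else GENESIS
        self.records.append({"entry": entry, "prev": prev, "hash": _digest(prev, entry)})

    def verify(self):
        """Return the index of the first broken record, or -1 if the chain is intact."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            expected = _digest(prev, rec["entry"])
            if rec["prev"] != prev or not hmac.compare_digest(rec["hash"], expected):
                return i
            prev = rec["hash"]
        return -1

def enter(log, user, role, mfa_ok, chamber):
    """Decide one access attempt; being inside the gate grants nothing by itself."""
    allowed = bool(mfa_ok) and (role, chamber) in POLICY   # default deny
    log.append({"user": user, "role": role, "chamber": chamber,
                "mfa": bool(mfa_ok), "allowed": allowed})  # denials are logged too
    return allowed

def demo():
    log = AccessLog()
    results = [
        enter(log, "sophie", "steward", True, "kitchen"),
        enter(log, "sophie", "steward", True, "dungeon"),   # no such grant
        enter(log, "markl", "warden", False, "dungeon"),    # authentication step failed
    ]
    intact = log.verify()
    log.records[1]["entry"]["allowed"] = True   # simulate an edited log record
    return results, intact, log.verify()
```

A hash chain only makes edits detectable while the latest hash is also kept somewhere the log writer cannot change; anyone able to rewrite the whole log could otherwise recompute every hash.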