[cabf_netsec] Definition of "Air Gapped"
Tobias S. Josefowitz
tobij at opera.com
Tue Oct 18 10:01:58 UTC 2022
Hi Ben,
On Sat, 15 Oct 2022, Ben Wilson via Netsec wrote:
> Alternative B could be: "the absence of connections (electrical, wireless,
> or any other networking) that prevents a system from communicating with
> another system and requires human intervention and a transfer device for
> data to move between the two systems."
>
> Alternative C would be to define "Air Gap", as above in the CSRC/RFC
> definition, and add the words "or wirelessly", so that it would read "An
> interface between two systems at which (a) they are not connected
> physically *or wirelessly* and (b) any logical connection is not automated
> (i.e., data is transferred through the interface only manually, under human
> control)."
It would be my expectation for anything that is described as "air gapped"
in this context that the separation offered cannot be overcome without
physical manipulation leaving tangible physical evidence (a cable
connected that shouldn't be, a switch in an unexpected position, ...). I
am not sure if any of the suggestions really capture this, but I am
especially concerned with the absence of wireless connections, which might
be interpreted to be achievable on a more logical level. This would be a
misinterpretation that, in my opinion, we should strive to prevent.
Tobi
More information about the Netsec
mailing list