Castle Vs Airport Model in security
George Egri


Apart from changing the way we live, virtual connectivity has exposed us to an array of attacks. Cyber risks are a growing concern in virtually every aspect of our lives. The integration of technology into our everyday tasks has paved the way for more efficient work, yet it has left us vulnerable to many cyber-attacks.

To combat the situation, easy-to-use server security tools were introduced into the equation, with BitNinja being one of the top contenders. With more and more malicious programs and hackers trying to penetrate systems on a daily basis using the latest techniques comes the need for an equally strong and adaptable system.



Why the fuss over cybersecurity?

Firstly, most organizations and individuals fall victim to cyber-attacks mainly because of their lack of concern for the subject. A statistical report on Internet of Things (IoT) cybersecurity shows that 70% of the devices in use do not encrypt data, which explains the growth in cyber-attacks observed in recent years. With hundreds of cases surfacing, one cannot simply turn a blind eye to what is happening.

Multiple threat actors are looking to exploit vulnerabilities, with cybercriminals, hackers, hacktivists and cyber terrorists being just a few of the lot. With hidden agendas motivating these actors, from individuals to companies, no one is safe from exploitation.


What are recent cybersecurity models?

The use of metaphors to explain cybersecurity strategies has become common practice. The predominant metaphors for safe and protected computing fall into the following two models.

The most commonly heard metaphor is the castle model. As the name suggests, it is named after the robust structure of a castle. As in a real castle, walls (boundaries), often in layers, create a space that is considered “inside” and therefore safe, as opposed to a conceptual “outside” that is considered potentially dangerous. The “castle” metaphor draws attention to strong walls that are difficult and costly to breach, along with gateways that keep the model safe and secure by allowing only controlled traffic in and out.

While well known and popular, the castle model isn’t the only cybersecurity model. A newer model has surfaced, commonly referred to as “the airport model”. While both were initially intended to serve the same cause, they vary significantly from one another. Just as the castle model, or fortress model, was drawn from conventional castles, the airport model is based on a real airport. It consists of different levels of security, much like the security levels observed in an actual airport: security guard checks, walk-through gate detectors, and SIDA protected places.

This justifies the use of metaphors to better explain the cybersecurity models. The airport model is considered to be the next evolution in security due to its unique yet complex structure.

The 'Castle Model'

Looking in more detail, we can expand on each of the models. The castle model replicates the medieval mindset. Strong, layered walls are designed and built to preserve the integrity of what is inside against attack from the outside, a typical use for a castle. It also encompasses the ability to impose strict controls over movement in and out of the boundaries of the castle.

Walls in this model correspond to antivirus software that examines incoming email, firewalls that embody rules, anti-spam software that eliminates junk mail, and authentication mechanisms, i.e. passwords and IDs, that allow only authorized users to access the network and systems. The deployment of technology opens new possibilities for the castle model.

Firstly, attack scenarios for complex systems can be computed by evaluating the vulnerabilities present. The vulnerabilities account for all the weak points in the walls and gateways of the system. Patterns can be established by chaining these scenarios together into attack graphs. Another possibility, in principle, is the detection of intrusions. Real-time monitoring tools detect intrusions as they occur and allow analysts to see where and how a system is under attack.

However, this centralized system faces many challenges, including limitations in data and connections, the need for detailed knowledge of the potential vulnerabilities, vulnerability to attacker-generated false alarms, and much more.

The 'Airport Model'

As observed previously, the castle model is subject to many limitations, hence the need for the airport model to respond to these new challenges.

Airports consist of different departments and areas, each having a different level of security. There are common areas, such as reception areas where clients can be informed or make purchases, and highly secured areas comprising the tarmac or the planes. To maintain optimum security, security checks are reinforced where required, making entry difficult in sensitive areas. The airport security model functions similarly: it deploys various levels of authentication, i.e. authentication mechanisms including strong authentication, biometric measures, etc. Moreover, it also makes use of integrity checks, which include IDS/IPS, DLP, etc. These security measures are essential to exercise a greater degree of control than the castle model allows and to safeguard the areas containing the organization’s sensitive data. Through the airport model and additional security precautions, organizations can inch closer to the ideal of having no security threats.

The airport model deploys a technique similar to that of the control tower, enabling organizations to provide a suitable response or call in reinforcements if need be. In terms of comparison, the airport model addresses the issues raised by the castle model more efficiently. Instead of isolating the data completely from malicious programs, it prioritizes them. This minimizes wasted time and addresses actual threats effectively rather than investing effort in false attacker-generated alarms. Since airport-model cybersecurity is based on an increasingly open information system, it separates out the perimeters which require more security in order to deliver convenience.
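The difference between the two models can be made concrete with a small access-decision sketch. This is an added example, not BitNinja code: the zone names, assurance levels, the `Session` fields and the `tower_log` list are all assumptions chosen to mirror the airport areas and the control tower described above.

```python
from dataclasses import dataclass
from enum import IntEnum

class Assurance(IntEnum):
    NONE = 0
    PASSWORD = 1
    STRONG = 2        # password plus a second factor
    BIOMETRIC = 3

@dataclass(frozen=True)
class Session:
    user: str
    assurance: Assurance
    inside_perimeter: bool      # got past the outer wall (firewall/VPN login)
    integrity_ok: bool = True   # verdict of an IDS/IPS or DLP check

# Constructed zones mapped to the minimum assurance each one demands.
ZONES = {
    "lobby": Assurance.NONE,
    "office": Assurance.PASSWORD,
    "tarmac": Assurance.STRONG,
    "aircraft": Assurance.BIOMETRIC,
}

def castle_allows(session: Session, zone: str) -> bool:
    """Castle model: one check at the wall, then every zone is trusted."""
    return zone in ZONES and session.inside_perimeter

def airport_allows(session: Session, zone: str, tower_log: list) -> bool:
    """Airport model: every zone re-checks assurance and integrity."""
    required = ZONES[zone]
    if required == Assurance.NONE:
        return True
    if not session.integrity_ok:
        tower_log.append((session.user, zone, "integrity check failed"))
        return False
    if session.assurance < required:
        tower_log.append((session.user, zone, f"needs {required.name}"))
        return False
    return True

def reachable_castle(session: Session) -> list:
    return sorted(z for z in ZONES if castle_allows(session, z))

def reachable_airport(session: Session, tower_log: list) -> list:
    return sorted(z for z in ZONES if airport_allows(session, z, tower_log))

# Constructed case: a session that holds only a password.
password_only = Session("alice", Assurance.PASSWORD, inside_perimeter=True)
```

With the same password-only session, the castle check grants all four zones, while the airport check grants only the lobby and the office and records the two refusals for whoever is watching the tower log.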



BitNinja understands this need perfectly. A robust defense mechanism, commonly referred to as a defense network, works to protect servers from attack. This all-in-one server protection mechanism learns from previous attacks, and the system applies this information automatically on all BitNinja-enabled servers.



