You are here

trustworthy computing

"Basic Principles" of Information Security

I am finishing up a textbook on elementary information security. Unlike other books, this one targets freshmen and sophomores, and eschews memorization for problem-solving.

Trojan Horse

Sprinkled here and there are concepts we all should recognize as "basic principles" of information security: ideas that transcend programming, network design, and system administration. Now that I'm finished, here is a summary of the ones I covered. I've also noted how they compare to Saltzer and Schroeder's classic list from 1975 and, briefly, the NIST principles in SP800-14.

Post category: 

Cloud Computing Discovers Covert Channels

A SANS Handler Notebook entry by Toby Kohlenberg reports on data leakage in cloud computing, and links to a terrific paper from some UCSD/MIT people: Ristenpart, Tromer, Shacham, and Savage.

If we set the wayback machine to the early 1970s, we find a paper by Butler Lampson about something called the confinement problem. It's the same thing. Ristenpart et al pick up some of the threads (like noninterference) though their paper doesn't point all the way back to Lampson.

This is a hard problem to solve. The only defense right now is if attackers lack the motivation to exploit it.

Time - Again - For Trustworthy Computing

Saul Hansell of the Washington Post has posted an article about real time attacks on one-time password tokens like SecurID and SafeWord. The strategy is to steal a user's one-time password after it is typed in and redirect it to a hacker to exploit immediately. The attack relies on Trojan software that has installed itself in the victim's computer.SecurID Card

One time passwords were not designed to protect against this type of thing. Once you have that sort of trojan, there's no way to use your computer reliably. Attackers can intercept what you're doing, change it to benefit them, and you won't know what happened until you look at your bank statement.

The only way to protect against such things is to ensure that your computer has not been hacked. This is hard, since there are lots of ways to attack a computer and not nearly as many ways to protect it.

Post category: 

LOCK - A trusted computing system

The LOCK project (short for LOgical Coprocessing Kernel) developed a "trusted computing system" that implemented multilevel security. LOCK was intended to exceed the requirements for an "A1" system as defined by the old Trusted Computing System Evaluation Criteria (a.k.a. the TCSEC or "Orange Book").

Post category: 

Multilevel Security and Internet Servers

I wrote the following message as part of a discussion on the old Firewalls mailing list in 1996. The message was part of a discussion on the use of MLS technology to protect Internet servers from attack. The basic concepts still apply in some ways, though the threats have evolved in many other ways.

Post category: 

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer