Safety & Security in Computer Based Systems. Brian Gladman



Similar documents
Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns

working group on foreign policy and grand strategy

European Security Standards Reference Implementation Initiative (ESSRII)

How To Prevent Fraud Through Ad Verification

CHAPTER SEVEN FEES, CHARGES AND INCOME GENERATION. Summary. Introduction. Landing and Navigation Charges

Offensive capabilities

Beyond the Hype: Advanced Persistent Threats

Performance Standards and Test Procedures for Environmental Data Management Software. Martin Lloyd

WATCHKEEPER X UNMANNED AIRCRAFT SYSTEM (UAS)

OPC & Security Agenda

Expert Seminar. Engagement with Non-State Armed Groups in Peace Processes

ORIGINAL: ENGLISH 11th May, 1967 DOCUMENT DPC/D(67)23. DEFENCE PLANNING COMMITTEE Decisions of Defence Planning Committee in Ministerial Session

MI5. Careers Guide 2012/13. Owing to the sensitivity of our work, we do not publicly disclose the identities of our staff.

WHITEPAPER. How a DNS Firewall Helps in the Battle against Advanced Persistent Threat and Similar Malware

The big data dilemma an inquiry by the House of Commons Select Committee on Science and Technology

How To Protect Your Computer From Attack

White Paper: Cyber Hawk or Digital Dove

Case No COMP/M FINMECCANICA / BAES AVIONICS & COMMUNICATIONS. REGULATION (EC) No 139/2004 MERGER PROCEDURE

Computer Security. Security.di.unimi.it/sicurezza1314/ Chapter 1: 1

Government Security Solutions YOUR PARTNER OF CHOICE. Protecting People, Places And Perimeters

Regulation of Investigatory Powers Act 2000

The Defence Strategy of the Slovak Republic

THE BENEFITS. Facts/Figures

Dominic Taylor CEng MIET MIMechE MIRSE MCMI, Invensys Rail

Security Issues with the Military Use of Cellular Technology Brad Long, Director of Engineering, IFONE, Inc.

The main object of my research is :

Headquarters Army Legal Assistance Catterick Barracks British Forces Post Office 39

Cyber Watch. Written by Peter Buxbaum

Gaming System Monitoring and Analysis Effort

Public Private Partnerships and National Input to International Cyber Security

Revealed: how US and UK spy agencies defeat internet privacy and security

Authentication and Security in Mobile Phones

First National Data Quality Review: Executive Summary Quality Information Committee

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Intrusion Software Tools and Export Control Introduction. Export Control in Context

FUTURE NAVY VISION. The Royal Navy Today, Tomorrow and Towards Projecting maritime power to protect and promote our nation s interests

8 Aerospace and Defense

Charter of Consumer Rights in the Digital World

External Supplier Control Requirements

The Professionals policy is available for small businesses with up to 8 people and a turnover of 500,000 or less.

Hybrid Warfare & Cyber Defence

Whose IP Is It Anyways: Tales of IP Reputation Failures

Air Traffic Management Services Plan

A Solicitors Guide to. Employment Protection Insurance

TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL. (U) SIGINT Strategy February 2012

CESG Certification of Cyber Security Training Courses

The Tradesmen policy is available for self employed persons and small businesses with up to 8 people and a turnover of 500,000 or less.

EECS 588: Computer and Network Security. Introduction January 14, 2014

An overwhelming majority of IaaS clouds leverage virtualization for their foundation.

SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz , ICSG 2014

TETRA Security for Poland

Strategic Issues e-commerce for Manufacturers Dealer Networks. 1. Leadership Dealers need leadership from their manufacturer in two areas:

RSA. Frequently Asked Questions. RSA Data Security, Inc. About Cryptography Export Laws. Answers to THE KEYS TO PRIVACY AND AUTHENTICATION

Recruitment Outsourcing:

Conceptual Model for Enterprise Governance. Walter L Wilson

Patch Management. Is it recommended to patch an Industrial Automation Control System and, if so, why? Siemens AG All Rights Reserved.

Cyber security Building confidence in your digital future

RAMS, Systems Engineering and Systems Thinking

CUSTOMER KEYNOTE Hal Buddenbohm

Foundations of Computer Security

Fraudulent accounts in collections: improve detection and reduce collector workload. An Experian briefing paper

Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes.

FBI AND CYBER SECURITY

DEFENCE INSTRUCTIONS (GENERAL)

OOA of Railway Ticket Reservation System

Identifying Ethical SEO

Regulating and Monitoring Private Military and Security Companies in United Nations Peacekeeping Operations. Stephen Mathias 1

Airports and their SCADA Systems. Dr Leigh Armistead, CISSP. Peregrine Technical Solutions

A Brief Analysis on Architecture and Reliability of Cloud Based Data Storage

TERMS OF USE FOR NOTARIAL PERSONAL REPRESENTATION CERTIFICATES FOR AUTHENTICATION

Best value security report

Application of the Electronic Communications and Transactions Act to Online Merchants From Other Jurisdictions

Transcription:

Safety & Security in Computer Based Systems Brian Gladman

Talk Outline Compare and contrast the approach to safety and security in computer based systems Consider the impact of politics on the provision of security in commercial market computer systems Consider security models for UK government systems handling citizen owned data

Computer Systems Safety Examples Nuclear reactor monitoring & control Aircraft flight control Air traffic control Engine management & control Railway signalling Road traffic management Weapons fusing, arming & control Nuclear weapons command & control

Characteristics of the Safety Domain The safety requirement almost always dominates other requirements A mostly open community in which experience (good & bad) is shared No significant opposition to safety attainment Safety certification owned by the community and based on best current practice

Characteristics of the Security Domain Government (NSA, GCHQ) opposition to security technology deployment in open market systems Little sharing of practical experience, especially of security failures Radically different security models (open & closed) promoted by different political interest groups Security certification based on ideal requirements rather than best current practice; imposed by minority (defence) customers in an attempt to drive the market

Computer Security & The Civil Market Security historically of low priority but large IT suppliers are now showing an increased interest in providing security The Trusted Computing Group (was TCPA) is now leading an industry effort to improve computer systems security But is this a genuine effort to improve end user security or an attempt to support the licensing & digital rights management (DRM) needs of content and software suppliers? Putting high grade security capabilities in the hands of novice end users could provide ideal exploitable capabilities for those with nefarious objectives (crypto viruses, bot-nets, ) There are hence serious concerns among technologists that improved computer security won t serve end user interests (but I don t think this will stop these developments)

Security Models The Closed Systems Security Model: Security through obscurity Historically almost universal within UK government (even when inappropriate) Widely used by many commercial suppliers The Open Systems Security Model: Open publication of specifications, design & implementation Applied by the open source community and some commercial companies Technical analysis of these models is limited but what exists suggests that one is not necessarily better than the other

Principle: Government IT Systems That Process Citizen Owned Information The person (or persons) who carry the risks of security failures (i.e. the citizens) have the right to determine for themselves whether the security provided is sufficient for their purposes The Closed Security Model might assist security but it might equally hide insecurity --- citizens have no way of knowing which applies Hence only the Open Security Model meets the above principle While the government applies the closed security model in its citizen facing IT systems, we cannot have confidence in their security Will the Home Office openly publish full details of the procedural, technical and operational mechanisms that will be used to protect seized keys BEFORE the GAK provisions are bought into force?

Security, Functionality and Scale The more people who share a secret the less likely it is to remain secret The promotion of data sharing across systems is hence in direct conflict with good security and privacy principles Government IT systems holding citizen owned data should hold only that data needed to meet their immediate purpose At the current state of the art such computer systems can only be built to provide two of the following three properties: Security Functionality Scale Security will remain elusive while the government insists that it must have all three properties in such systems

My Conclusions The security community lacks cohesion and is driven by conflicting political and economic forces that hamper technical developments Government information systems holding data on which the safety, security and privacy of individual citizens may depend must adopt the Open Security Model Now (and for the foreseeable future) such systems can provide only two of the three properties of scale, functionality & security Traditionally security has lost out but we now need to reduce either scale or functionality in order to provide effective safety, security and privacy In particular, limiting systems functionality will be essential if we are to achieve effective, affordable and reasonably secure citizen facing government IT systems

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information