Dan Simon is wrong July 8, 1998. “What is Security?” “Security is about implementing...
-
Upload
noah-daniels -
Category
Documents
-
view
214 -
download
0
Transcript of Dan Simon is wrong July 8, 1998. “What is Security?” “Security is about implementing...
Dan Simon is wrongDan Simon is wrong
July 8, 1998July 8, 1998
““What is Security?”What is Security?”
““Security is about implementing Security is about implementing people’s preferences for privacy, trust people’s preferences for privacy, trust and information sharing (i.e., their and information sharing (i.e., their `Security Policies’)”`Security Policies’)”– Wrong (or incomplete)Wrong (or incomplete)
Security is also about eliminating Security is also about eliminating unforeseen consequencesunforeseen consequences
Constructing the policy is the hard Constructing the policy is the hard partpart
You You can’tcan’t handle the truth handle the truth
Who should be able to open the front Who should be able to open the front door on my house?door on my house?– Me, my family, our guestsMe, my family, our guests– Police, firefighters, paramedicsPolice, firefighters, paramedics
But they should be logged and auditedBut they should be logged and audited
– Locksmiths?Locksmiths? It’s hard to construct the right listsIt’s hard to construct the right lists Physical metaphors may not helpPhysical metaphors may not help
Social constructsSocial constructs
Security policies are based on experienceSecurity policies are based on experience Less experience on computers than in Less experience on computers than in
real worldreal world Unforeseen consequences may be far Unforeseen consequences may be far
more numerousmore numerous Predicting consequences is Predicting consequences is
computationally complexcomputationally complex Analogies may not maintain Analogies may not maintain
consequencesconsequences
DesiderataDesiderata
I need an administratorI need an administrator– I’m not aloneI’m not alone
My policy might simply parameterize My policy might simply parameterize the administrator’s policythe administrator’s policy
I need auditingI need auditing I need undoI need undo I need someone to explain my policy I need someone to explain my policy
to meto me