Upload
molly-cobb
View
219
Download
3
Embed Size (px)
Citation preview
“What Should be Hidden and Open in Computer Security: Lessons from
Deception, the Art of War, Law, and Economic Theory”
Professor Peter P. Swire
George Washington University
TPRC-2001
October 28, 2001
Overview of the Talk
Military base is hidden but computer security is open
Compare physical & computer security Model for openness in computer security Economic model: monopoly v. competition Military model: Sun Tzu v. Clausewitz Applications Research agenda
I. Physical and Computer Security Physical walls and the pit covered with
leaves Computer security
– Firewalls– Packaged software– Encryption
II. Model for Hiddenness in Computer Security Static model Dynamic model
Static Model for Openness
First-time vs. repeated attacks Learning from attacks
– Surveillance vs. other defenses Communication among attackers
– Script kiddies and the diffusion of knowledge
Dynamic Model
Security-enhancing effect– Many software bugs– Repeated attacks on computers– Security and inter-operability– Security expertise outside the organization
FOIA and other accountability effects
III. Economics and Openness in Computer Security System information hidden -- monopolist
about the security information Open source and system information open
-- competitive market Strong presumption in economic theory for
competitive market
Monopoly and Under-disclosure
Competitive market -- system/software designer discloses where benefits of disclosure exceed costs of disclosure
Monopolist -- costs $100 extra to re-design, but gains $10 per user; may not re-design
Disclosure may reduce market power Disclosure may reduce network externalities
Other Lessons from Economics
Other market failures– Information asymmetries and under-openness
Government systems even stronger incentives to under-disclose– Lack the market incentive to disclose enough to
gain sales– Optimal disclosure (competitive market)– Some disclosure (monopoly market)
IV. Military Strategy & Openness Sun Tzu and all war is deception Clausewitz and deception as incidental Hiddenness and Terrain
– Mountains (deception works)– Plains (deception doesn’t work much)
Hiddenness and Technology– Detection -- binoculars & infrared– Communication -- radio and Internet
Military & Openness
Sun Tzu and the intelligence agencies “Brute force attack” & Clausewitz
– Hackers and the opposite of deception Intellectual project
– Military (usually hidden)– Economics (usually open)– Computer security (intuition unshaped)
V. Some Applications
Open source movement as better security?– When is there “security through obscurity”?
DMCA and Felton case– Ignores the security-enhancing effect
Classified employees for computer security? Carnivore as open source? New FOIA limits on computer security?
Concluding Thoughts
A new field of study:– What should be hidden or open in computer
security?– Future conferences and studies on this?
Big shift to openness for computer security compared to physical security
What is optimal for military computer systems I invite comments, sources, and questions!