Page 1: Holes in the Whole: Crafting Security for the Pervasive Web by Stikeleather

Holes in the Whole: Crafting Security for the Pervasive Web

Jim Stikeleather, Chief Innovation Officer

Dell Services

Page 2

Global Marketing

December 2007 EG Conference

Page 3

Evolution of the Web: Kevin Kelly’s view from 2007

• Web’s first 5,000 days

– People expected “TV, only better”

– Impossible to imagine Wikipedia, Facebook

– Economic models

• December 2007

– 100 billion clicks per day

– 294 billion emails sent daily

– 55 trillion links

– 255 exabytes of magnetic storage

– 5% of global electricity consumption

• Magnitude equivalent of a human brain

Page 4

Evolution of the Web: Kevin Kelly’s projection from 2007

• Web’s next 5,000 days

– Doubling every two years

› 6 billion human equivalents by 2040

– Mobility

– Digital universe fuses into the physical world

– Our devices are windows into the Web

– Internet creating a “global brain”

• In December 2010

– 2 billion users

– 107 trillion emails sent

– 47 billion text messages per day

– 35 billion “client” devices (5 billion phones)

– 13 billion indexed pages (est. half of total static)

› Over 1 trillion dynamic pages

• After 2007 hard numbers disappear

Page 5

Consequences of the Web’s Evolution: Kevin Kelly’s view from 2007 (not just a better Web)

• Three outcomes

– Embodying the machine

– Restructuring the architecture

– Codependence on new technology

› Just as we depend on alphabets

• Emergence of a global brain

– Smarter

– Personalized

– Pervasive

• Individuals must be transparent to gain benefits

Page 6

Consequences of the Web’s Evolution: A view from today

• Three modifications

– Disembodying information: Big Data

– Restructuring us: Augmented reality

– Co-evolution: Multisensory computing

› Allosphere (UCSB)

• The Pervasive Cloud

– Ecology instead of organism

– Contextual instead of singular

– Everything as a Service

• Transparency as a necessary condition

• Trust needed for transparency

• Mantras

– Good enough

– Zero failure

– Zero patience

– Zero input

– Zero price

– Unlimited information

– Unlimited depth

– Privacy?

Page 7

Can There Be Trust?

• Drastic increase in malware (McAfee Labs)

– 2007: 16,000 new pieces of malware per day

– 2008: 29,000 per day

– 2009: 46,000 per day

• Sophos’ Security Threat Report: 23,500 new infected web pages found every day, which equates to one infected website every 3.6 seconds

• 61% of the top 100 Web sites have either hosted or been involved in malicious activity over the last six-month period (Websense)

• 87% of PCs have spyware on them; on average, those with spyware have 28 different versions (Forrester Research)

• “In 2008, there were so many viruses being created that Symantec needed to write a new signature every 20 seconds. In 2009, it changed to every 8 seconds.” (Cyber Warfare, Jeffrey Carr)

• 6,000,000 new botnet infections per month (McAfee Labs)

Page 8

Do We Even Know What Is Really Going On?

Proofpoint study: email is the top source of data loss (IP); social media and mobile devices are the larger threat

Chart (source: Open Security Foundation DataLossDB; data does not include U.S. Secret Service)

Chart (source: Protect-data.com survey)

Page 9

The Tipping Point: An Explosion of Smartphones in the Enterprise is Imminent

• Worldwide shipments of smartphones move towards 1 billion by 2015 (InStat)

• Mobile devices are the new client systems.

• RIM dominance of the enterprise is over.

• 9 pieces of malware and spyware per 100 mobile devices (Lookout)

Page 10

Why Our Current Model Will (continue to) Fail:

Page 11

Dystopian Consequences of Trust Loss

• Saeculum obscurum (dark age), a phrase first recorded in 1602

• Not just after the fall of the Roman civilization, but also after the Minoan and Mycenaean civilizations

• The knowledge gained was lost; for hundreds of years, life was governed by superstitions and fears fueled by ignorance, and the economy ground to a halt

• Jared Diamond concludes that the basic factors of civil success are size and density of population, technology, and specialized institutions

• Jane Jacobs asks why even successful cultures fail: “Losers are confronted with such radical jolts in circumstances that their institutions cannot adapt adequately, become irrelevant, and are dropped”

• Fukuyama: all economics is based on trust

Page 12

A Feudal Cyber World

• White lists

• Locked clients

• “Fixed” communication routes

• Locked, bound virtual desktops

• Limited transactions

• Fixed transactions

• Pre-established trading partners

• Artificial us-versus-them

• Towers of Babel

• Haves / have-nots / disenfranchisement

• Information hoarding (guilds)

• Little information liquidity

• Hierarchical processes

Page 13

Trust in Cyberspace requires data to protect itself

• Kelly

– Link computers, share packets

– Link pages, share links

– Link data, share ideas (the Semantic Web)

– Link things, share experience

• Russell Ackoff (each level adds something to the one before it)

– Data

– Content (data plus presentation)

– Information (content plus context)

– Knowledge (information plus process)

– Understanding (knowledge plus experience)

– Wisdom (understanding plus reflection)

Data wrapped in presentation armor becomes self-protecting content

Page 14

DRM Models: Embedding Governance, Risk Management, Compliance and Security into the Delivery Fabric

A new GRCS architecture: hardware, system software and development environments based on Rights (Restrictions) Expression Language(s).

• Policy Administration Point (PAP): manages security and/or compliance policies

• Policy Decision Point (PDP): evaluates and issues authorization decisions

• Policy Enforcement Point (PEP): intercepts a user's access request to a resource and enforces the PDP's decision; secured applications (see below) may act as their own PEP

• Policy Information Point (PIP): provides external information to a PDP, such as LDAP attribute information

• Encryption: on-demand

• Identity Service: used for initial access to cloud-provided services

• Authentication Service: verification of the identity of a party which generated some data

• Confidentiality Service: protection of information from disclosure to those not intended to receive it

• Location Service: identifies where data is stored, where it has been used, where users saw/used it, etc.

• Validation Service: provides a third level of assurance before granting access to resources or information assets

• Authorization Service: the process by which one determines whether a principal is allowed to perform an operation

• Encryption Service: encryption/decryption with audit
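To make the PAP / PDP / PEP / PIP split on this slide concrete, here is an added example (not from the slides, Dell, or any XACML product) of the four components wired together in Python: the PAP holds rules, the PIP enriches a request with attributes from a directory (a constructed in-memory dictionary standing in for the LDAP attribute store the slide mentions), the PDP evaluates the rules with deny-overrides combining, and the PEP intercepts the access, enforces the decision, and records an audit entry. The subjects, rules, resource and attribute values are all constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# Constructed sample directory: stands in for the LDAP attribute store a PIP would query.
DIRECTORY: Dict[str, Dict[str, object]] = {
    "alice": {"department": "finance", "clearance": 2},
    "bob": {"department": "engineering", "clearance": 1},
}


@dataclass
class Request:
    """An access request as the PEP sees it; attributes are filled in by the PIP."""
    subject: str
    action: str
    resource: str
    attributes: Dict[str, object] = field(default_factory=dict)


@dataclass
class Rule:
    """One policy rule: an effect ('Permit' or 'Deny') that applies when the condition holds."""
    name: str
    effect: str
    condition: Callable[[Request], bool]


class PolicyAdministrationPoint:
    """PAP: where policies are authored and stored (the slide's 'manages policies')."""

    def __init__(self) -> None:
        self._rules: List[Rule] = []

    def add_rule(self, rule: Rule) -> None:
        self._rules.append(rule)

    def rules(self) -> List[Rule]:
        return list(self._rules)


class PolicyInformationPoint:
    """PIP: adds attributes the request itself does not carry (a directory lookup here)."""

    def __init__(self, directory: Dict[str, Dict[str, object]]) -> None:
        self._directory = directory

    def enrich(self, request: Request) -> Request:
        request.attributes.update(self._directory.get(request.subject, {}))
        return request


class PolicyDecisionPoint:
    """PDP: evaluates the enriched request against the PAP's rules; deny-overrides combining."""

    def __init__(self, pap: PolicyAdministrationPoint, pip: PolicyInformationPoint) -> None:
        self._pap = pap
        self._pip = pip

    def decide(self, request: Request) -> str:
        req = self._pip.enrich(request)
        effects = [rule.effect for rule in self._pap.rules() if rule.condition(req)]
        if "Deny" in effects:
            return "Deny"
        if "Permit" in effects:
            return "Permit"
        return "NotApplicable"  # no rule matched; the PEP must treat this as a refusal


class PolicyEnforcementPoint:
    """PEP: intercepts the access, asks the PDP, enforces the answer and records an audit entry."""

    def __init__(self, pdp: PolicyDecisionPoint, resources: Dict[str, str]) -> None:
        self.pdp = pdp
        self._resources = resources
        self.audit: List[Tuple[str, str, str, str]] = []

    def access(self, subject: str, action: str, resource: str) -> Optional[str]:
        decision = self.pdp.decide(Request(subject, action, resource))
        self.audit.append((subject, action, resource, decision))
        if decision != "Permit":  # fail closed on Deny and on NotApplicable alike
            return None
        return self._resources[resource]


def build_demo_pep() -> PolicyEnforcementPoint:
    """Wire the four components together with two constructed rules and one sample resource."""
    pap = PolicyAdministrationPoint()
    # Finance staff may read the ledger.
    pap.add_rule(Rule("finance-may-read-ledger", "Permit",
                      lambda r: r.resource == "ledger" and r.action == "read"
                      and r.attributes.get("department") == "finance"))
    # Anyone below clearance 2 is refused the ledger regardless of other rules (deny-overrides).
    pap.add_rule(Rule("ledger-needs-clearance-2", "Deny",
                      lambda r: r.resource == "ledger"
                      and int(r.attributes.get("clearance", 0)) < 2))
    pdp = PolicyDecisionPoint(pap, PolicyInformationPoint(DIRECTORY))
    return PolicyEnforcementPoint(pdp, {"ledger": "Q3 ledger (constructed sample content)"})


if __name__ == "__main__":
    pep = build_demo_pep()
    print(pep.access("alice", "read", "ledger"))    # Permit: finance, clearance 2
    print(pep.access("bob", "read", "ledger"))      # Deny: clearance 1
    print(pep.access("alice", "write", "ledger"))   # NotApplicable: no rule covers writes
    print(pep.access("mallory", "read", "ledger"))  # Deny: unknown subject defaults to clearance 0
    for entry in pep.audit:
        print(entry)
```

Two design points carry over to a real deployment: the PEP treats NotApplicable the same as Deny, so a gap in the policy set never becomes an accidental grant, and the PIP is the only component that touches the directory, so the PDP's decision depends on attributes it did not have to trust the caller to supply.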


Page 15

Precursors? How we might get there?

• Hardware exemplars:

– Policy Information Points / Location Services (GPS)

– Policy Enforcement Points (biometrics / Bluetooth phones)

– Encryption Points / Services (secure flash)

– CPU keys

• Software exemplars:

– SAML

– XACML

– Hashed binaries

– Pedigreed binaries

– Stateless sessions

– RESTful sessions

What’s “secure” depends on the goals of the system. Do you need authentication, accountability, confidentiality, data integrity? Each goal suggests a different security architecture, some totally compatible with anonymity, privacy and civil liberties. In other words, no one “identity management and authentication program” is appropriate for all Internet uses.

• An archetype: MPEG-21 REL

– Provides rights to information that can be packaged within machine-readable licenses, guaranteed to be ubiquitous, unambiguous and secure, which can then be processed consistently and reliably.

– Modular design provides inherent extensibility of the language, which is designed to be:

› Flexible: enabling the creation of licenses to support any kind of business model

› Scalable: enabling the creation of profiles to support a wide variety of devices

› Extensible: enabling the creation of specific, autonomous extensions for use in vertical markets, both open and closed

› Technology agnostic: enabling support for any kind of proprietary or standardized enforcement technology

Page 16

What it might look like

Page 17

Let’s think a little more impossibly!

Thank you
