Holes in the Whole: Crafting Security for the Pervasive Web

Jim Stikeleather, Chief Innovation Officer, Dell Services

Uploaded by dell-services, posted 09-May-2015

DESCRIPTION

James Stikeleather, Chief Innovation Officer at Dell Services, gave an engrossing talk on the future of security. The consequences of the Web's evolution are actually a co-evolution, he said, wherein people are becoming more co-dependent on technology and we are restructuring how we see data (augmented reality), while technology is becoming contextual, dependent on who is making the request, how and when they are making it, and what their intentions are in making it. In such a fluid environment trust is essential, but can there realistically be trust?

We have created an untrustworthy environment, Mr. Stikeleather said, and the tipping point will be smartphones in the enterprise. This technology in particular is creating greater cracks in a complex environment whose model is destined to ultimately fail. Additionally, government and enterprise cannot agree on what the world should look like from a security perspective, owing to differing cultural concepts of cyberspace. What is needed is a "Law of the Commons": we have created rules for shared international use of the world's oceans and of outer space, and cyberspace should be no different.

At the end of the day, everything is an economic survival issue, Mr. Stikeleather said. The real value of the Web has been network effects. If we were to lose trust in privacy and security, we would lose the currency of that global network exchange and the associated economic model, which in turn could mean the collapse of the global economy, he said. And a catastrophic event is likely to happen, he predicted. What will a world without trust look like? A feudal cyber world: white lists, locked clients, fixed communication routes, locked and bound desktops, limited transactions, pre-established trading partners, information hoarders, towers of Babel.

We have a unique opportunity with Cloud, Mr. Stikeleather said, to get it right early and put thought into what the underlying structure of Cloud needs to look like, and how to handle the contextual nature of evolving technology. Meanwhile, people should own the right to their own identity and control their information, and we need to secure data by protecting it within content.

TRANSCRIPT

Page 1: Holes in the Whole: Crafting Security for the Pervasive Web by Stikeleather

Holes in the Whole: Crafting Security for the Pervasive Web

Jim Stikeleather Chief Innovation Officer

Dell Services

Page 2

Global Marketing

December 2007 EG Conference


Page 3

Evolution of the Web: Kevin Kelly's view from 2007

• Web's first 5,000 days

– People expected "TV, only better"

– Impossible to imagine Wikipedia, Facebook

– Economic models

• December 2007

– 100 billion clicks per day

– 294 billion emails sent daily

– 55 trillion links

– 255 exabytes of magnetic storage

– 5% of global electricity consumption

• Magnitude equivalent of a human brain

Page 4

Evolution of the Web: Kevin Kelly's projection from 2007

• Web's next 5,000 days

– Doubling every two years

› 6 billion human equivalents by 2040

– Mobility

– Digital universe fuses into physical world

– Our devices are windows into the Web

– Internet creating a "global brain"

• In December 2010

– 2 billion users

– 107 trillion emails sent

– 47 billion text messages per day

– 35 billion "client" devices (5 billion phones)

– 13 billion indexed pages (est. half of total static)

› Over 1 trillion dynamic pages

• After 2007 hard numbers disappear

Page 5

Consequences of Web's Evolution: Kevin Kelly's view from 2007 – Not just a better Web

• Three outcomes

– Embodying the machine

– Restructuring the architecture

– Codependence on new technology

› Just as we depend on alphabets

• Emergence of Global Brain

– Smarter

– Personalized

– Pervasive

• Individuals must be transparent to gain benefits

Page 6

Consequences of Web's Evolution: A view from today

• Three modifications

– Disembodying information: Big Data

– Restructuring us: Augmented reality

– Co-evolution: Multisensory computing

› AlloSphere (UCSB)

• The Pervasive Cloud

– Ecology instead of organism

– Contextual instead of singular

– Everything as a Service

• Transparency as a necessary condition

• Trust needed for transparency

• Mantras

– Good enough

– Zero failure

– Zero patience

– Zero input

– Zero price

– Unlimited information

– Unlimited depth

– Privacy?

Page 7

Can There Be Trust?

• Drastic increase in malware (McAfee Labs)

– 2007: 16,000 new pieces of malware per day

– 2008: 29,000 per day

– 2009: 46,000 per day

• Sophos Security Threat Report: 23,500 new infected web pages found every day, equating to one infected website every 3.6 seconds

• 61% of the top 100 Web sites have either hosted or been involved in malicious activity over the last six-month period. (Websense)

• 87% of PCs have spyware on them. On average, those with spyware have 28 different versions. (Forrester Research)

• "In 2008, there were so many viruses being created that Symantec needed to write a new signature every 20 seconds. In 2009, it changed to every 8 seconds." (Cyber Warfare, Jeffrey Carr)

• 6,000,000 new botnet infections per month (McAfee Labs)

Page 8

Do We Even Know What Is Really Going On?

• Proofpoint study: Email is top source of data loss (IP); social media and mobile devices larger threat

Chart: data loss incidents (source: Open Security Foundation DataLossDB; data does not include U.S. Secret Service)

Chart (source: Protect-data.com survey)

Page 9

The Tipping Point: An Explosion of Smartphones in the Enterprise is Imminent

• Worldwide shipments of smartphones move towards 1 billion by 2015 (In-Stat)

• Mobile devices are the new client systems

• RIM dominance of the enterprise is over

• 9 pieces of malware and spyware per 100 mobile devices (Lookout)

Page 10

Why Our Current Model Will (continue to) Fail:


Page 11

Dystopian Consequences of Trust Loss

• Saeculum Obscurum (dark age), a phrase first recorded in 1602

• Not just after fall of Roman, but also Minoan and Mycenaean civilizations

• The knowledge gained was lost; for 100s of years, life was governed by superstitions and fears fueled by ignorance; the economy ground to a halt

• Jared Diamond concludes that the basic factors of civil success are size and density of population, technology, and specialized institutions

• Jane Jacobs asks why do even successful cultures fail? “Losers are confronted with such radical jolts in circumstances that their institutions cannot adapt adequately, become irrelevant, and are dropped”

• Fukuyama – All economics is based on trust

11

Page 12

A Feudal Cyber World

• White lists

• Locked clients

• “Fixed” communication routes

• Locked, bound virtual desktops

• Limited transactions

• Fixed transactions

• Pre-established trading partners

• Artificial us-versus-them

• Towers of Babel

• Haves / have nots / disenfranchisement

• Information hoarding (guilds)

• Little information liquidity

• Hierarchical processes


Page 13

Trust in Cyberspace requires data to protect itself

• Kelly

– Link computers, share packets

– Link pages, share links

– Link data, share ideas (Semantic web)

– Link things, share experience

• Russell Ackoff

– Data + presentation → Content

– Content + context → Information

– Information + process → Knowledge

– Knowledge + experience → Understanding

– Understanding + reflection → Wisdom

Data wrapped in presentation armor becomes self-protecting content

Page 14

DRM Models: Embedding Governance, Risk Management, Compliance and Security into the Delivery Fabric

A new GRCS architecture: hardware, system software and development environments based on Rights (Restrictions) Expression Language(s).

• Policy Administration Point (PAP): Manages security and/or compliance policies

• Policy Decision Point (PDP): Evaluates and issues authorization decisions

• Policy Enforcement Point (PEP): Intercepts a user's access request to a resource and enforces the PDP's decision. Secured applications may act as their own PEP

• Policy Information Point (PIP): Provides external information to a PDP, such as LDAP attribute information

• Encryption: On-demand

• Identity Service: Used for initial access to cloud-provided services

• Authentication Service: Verification of the identity of a party which generated some data

• Confidentiality Service: Protection of information from disclosure to those not intended to receive it

• Location Service: Identifies where data is stored, has been used, where users saw/used it, etc.

• Validation Service: Provides a third level of assurance before granting access to resources or information assets

• Authorization Service: Process by which one determines whether a principal is allowed to perform an operation

• Encryption Service: Encryption/decryption with audit

Page 15

Precursors? How might we get there?

• Hardware exemplars:

– Policy Information Points / Location Services (GPS)

– Policy Enforcement Points (biometrics / Bluetooth phones)

– Encryption Points / Services (secure flash)

– CPU keys

• Software exemplars:

– SAML

– XACML

– Hashed binaries

– Pedigreed binaries

– Stateless sessions

– RESTful sessions
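"Hashed binaries" and "pedigreed binaries" in the list above prove different things: a hash allow list proves the bytes are exactly what was approved, while a pedigree (a signed record of who built the binary and from what source) proves where they came from. The following added Python example, not from the slides or from Dell, performs both checks as one admission gate. The byte strings, builder names, source reference and key are constructed, and an HMAC stands in for the asymmetric signature a real build authority would use.

```python
"""Admission gate combining a hash allow list with a signed pedigree.

Added illustration, not code from the talk. Sample binaries, builder
names and the signing key are constructed; HMAC stands in for a real
digital signature from a build authority.
"""
import hashlib
import hmac
import json

# Constructed sample binaries: byte strings stand in for real executables.
GOOD_AGENT = b"\x7fELF agent v1.2 built from release tag"
TAMPERED_AGENT = GOOD_AGENT[:-1] + b"!"      # one byte changed

# Assumed signing key and trusted builder set (both constructed).
BUILD_KEY = b"constructed-build-authority-key"
TRUSTED_BUILDERS = {"release-builder-01"}

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# "Hashed binaries": the allow list names exactly the bytes that were approved.
ALLOW_LIST = {sha256_hex(GOOD_AGENT): "agent.bin"}

def _canonical(pedigree: dict) -> bytes:
    # Canonical JSON so signer and verifier MAC identical bytes.
    return json.dumps(pedigree, sort_keys=True, separators=(",", ":")).encode()

def sign_pedigree(pedigree: dict, key: bytes = BUILD_KEY) -> dict:
    """"Pedigreed binaries": attach a signed provenance record to the hash."""
    sig = hmac.new(key, _canonical(pedigree), hashlib.sha256).hexdigest()
    return {"pedigree": pedigree, "sig": sig}

def verify_pedigree(record: dict, key: bytes = BUILD_KEY) -> bool:
    expected = hmac.new(key, _canonical(record["pedigree"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, record["sig"])   # constant-time compare

def admit(data: bytes, record, allow_list=ALLOW_LIST):
    """Return (ok, reason). Fails closed at the first unmet check."""
    digest = sha256_hex(data)
    if digest not in allow_list:
        return False, "hash not on allow list"
    if record is None or not verify_pedigree(record):
        return False, "pedigree missing or signature invalid"
    ped = record["pedigree"]
    if ped.get("sha256") != digest:
        return False, "pedigree describes a different binary"
    if ped.get("builder") not in TRUSTED_BUILDERS:
        return False, "untrusted builder"
    return True, "admitted: " + allow_list[digest]

def good_record() -> dict:
    """A valid pedigree for GOOD_AGENT from the trusted builder (constructed)."""
    return sign_pedigree({"sha256": sha256_hex(GOOD_AGENT),
                          "builder": "release-builder-01",
                          "source": "git:release/1.2"})

if __name__ == "__main__":
    print(admit(GOOD_AGENT, good_record()))      # (True, 'admitted: agent.bin')
    print(admit(TAMPERED_AGENT, good_record()))  # (False, 'hash not on allow list')
```

The pedigree is bound to the binary by carrying its hash inside the signed record; without that binding a valid pedigree for one build could be replayed against another. Editing any field after signing invalidates the record, which is what a forged builder name or source reference looks like to the gate.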

What’s “secure” depends on the goals of the system. Do you need authentication, accountability, confidentiality, data integrity? Each goal suggests a different security architecture, some totally compatible with anonymity, privacy and civil liberties. In other words, no one “identity management and authentication program” is appropriate for all Internet uses.

• An archetype: MPEG-21 REL

– Provides rights to information that can be packaged within machine-readable licenses, guaranteed to be ubiquitous, unambiguous and secure, which can then be processed consistently and reliably.

– Modular design provides inherent extensibility of the language and is designed to be:

› Flexible – enabling the creation of licenses to support any kind of business model

› Scalable – enabling the creation of profiles to support a wide variety of devices

› Extensible – enabling the creation of specific, autonomous extensions for use in vertical markets, both open and closed

› Technology agnostic – enabling support for any kind of proprietary or standardized enforcement technology

Page 16

What it might look like


Page 17

Let’s think a little more impossibly!

Thank you