Full Disclosure mailing list archives
RE: Security & Obscurity: physical-world analogies
From: "Yaakov Yehudi" <yehudi () tehila gov il>
Date: Sun, 5 Sep 2004 14:32:29 +0200
An intelligent (guarded) gate certainly fulfils my concept of a specialized filter. The check as to whether the analogy is useful then will be how well it hangs together as a whole. I'll read through the paper again. YY -----Original Message----- From: Peter Swire [mailto:peter () peterswire net] Sent: Thursday, September 02, 2004 18:25 To: Yaakov Yehudi; full-disclosure () lists netsys com Subject: [Full-disclosure] Security & Obscurity: physical-world analogies Here are arguments for why it is useful to think systematically about the relationship between computer- and physical-security issues. Yaakov Yehudi's comment is similar to other critiques:
A firewall is more akin to a specialized filter medium, but filter
mediums
aren't used as the entrance or exit to a military base. It is probably possible to find analogies between the information
security
world and physical - but only on a piecemeal basis, and that is simply
irrelevant and pointless. Peter might be much better to concentrate on the realities and forget about straw-man analogies. What do you think?
I think there is a strong analytic similarity between a firewall and physical settings where guards are deciding whether to let people/trucks/etc. through a gate. In both cases, the outsiders might be attackers who want to gain control over the system (physical attackers infiltrating and computer attackers seeking root control). In both cases, the outsiders might be attackers who want to get information about the inside (physical attackers spying out the lay of the land and computer attackers downloading files or getting other information). In both cases, there is "filtering" by the defenders. Some entrants are excluded. Some get more intensive screening. The level of filtering varies with the perceived level of the threat. Three reasons why studying physical and computer security together is useful. First, at the level of analytic understanding, the paper tries to give a unified way to assess when openness is likely to help security (conditions closer to what the paper calls the Open Source paradigm) and when openness is likely to reveal vulnerabilities that create net problems (conditions closer to what the paper calls the Military paradigm). A unified theory is an academic/intellectual gain. Second, policymakers in the government and management in companies have to decide, every day, what should be secret and what should be open. Not everyone has time to read FD an hour a day to become expert in all these things!! The paper tries to give a useful way for decisionmakers to get an approximation of what sorts of things should be disclosed. A unified approach can help decisionmakers. Third, the paper argues that openness is far more likely to be the right choice in networked and computer settings than in traditional physical settings. The variables identified in the paper, such as number of attacks and communication among attackers, tilt heavily toward openness. A unified approach alerts readers that openness is likely to be the logical outcome today more often than it was in the less-networked and less-computerized past. Peter Paper at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=531782 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Security & Obscurity: physical-world analogies Yaakov Yehudi (Sep 05)