RE: Security & Obscurity: physical-world analogies

["Yaakov Yehudi" <yehudi () tehila gov il>]

An intelligent (guarded) gate certainly fulfils my concept of a
specialized filter.  The check as to whether the analogy is useful then
will be how well it hangs together as a whole.  I'll read through the
paper again.

YY

-----Original Message-----
From: Peter Swire [mailto:peter () peterswire net] 
Sent: Thursday, September 02, 2004 18:25
To: Yaakov Yehudi; full-disclosure () lists netsys com
Subject: [Full-disclosure] Security & Obscurity: physical-world
analogies

        Here are arguments for why it is useful to think systematically
about the relationship between computer- and physical-security issues.

Yaakov Yehudi's comment is similar to other critiques:
  
> A firewall is more akin to a specialized filter medium, but filter
mediums
> aren't used as the entrance or exit to a military base.
>
> It is probably possible to find analogies between the information
security
> world and physical - but only on a piecemeal basis, and that is simply

> irrelevant and pointless.
>
> Peter might be much better to concentrate on the realities and forget 
> about straw-man analogies.  What do you think?

        I think there is a strong analytic similarity between a firewall
and physical settings where guards are deciding whether to let
people/trucks/etc. through a gate.

        In both cases, the outsiders might be attackers who want to gain
control over the system (physical attackers infiltrating and computer
attackers seeking root control).

        In both cases, the outsiders might be attackers who want to get
information about the inside (physical attackers spying out the lay of
the land and computer attackers downloading files or getting other
information).

        In both cases, there is "filtering" by the defenders.  Some
entrants are excluded.  Some get more intensive screening.  The level of
filtering varies with the perceived level of the threat.

        Three reasons why studying physical and computer security
together is useful.  First, at the level of analytic understanding, the
paper tries to give a unified way to assess when openness is likely to
help security (conditions closer to what the paper calls the Open Source
paradigm) and when openness is likely to reveal vulnerabilities that
create net problems (conditions closer to what the paper calls the
Military paradigm).  A unified theory is an academic/intellectual gain.

        Second, policymakers in the government and management in
companies have to decide, every day, what should be secret and what
should be open.  Not everyone has time to read FD an hour a day to
become expert in all these things!!  The paper tries to give a useful
way for decisionmakers to get an approximation of what sorts of things
should be disclosed.  A unified approach can help decisionmakers.

        Third, the paper argues that openness is far more likely to be
the right choice in networked and computer settings than in traditional
physical settings.  The variables identified in the paper, such as
number of attacks and communication among attackers, tilt heavily toward
openness.  A unified approach alerts readers that openness is likely to
be the logical outcome today more often than it was in the
less-networked and less-computerized past.

        Peter

Paper at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=531782

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html