mailing list archives
Security & Obscurity: physical-world analogies
From: "Peter Swire" <peter () peterswire net>
Date: Thu, 2 Sep 2004 12:24:44 -0400
Here are arguments for why it is useful to think systematically
about the relationship between computer- and physical-security issues.
Yaakov Yehudi's comment is similar to other critiques:
A firewall is more akin to a specialized filter medium, but filter
aren't used as the entrance or exit to a military base.
It is probably possible to find analogies between the information
world and physical - but only on a piecemeal basis, and that is simply
irrelevant and pointless.
Peter might be much better to concentrate on the realities and forget
about straw-man analogies. What do you think?
I think there is a strong analytic similarity between a firewall
and physical settings where guards are deciding whether to let
people/trucks/etc. through a gate.
In both cases, the outsiders might be attackers who want to gain
control over the system (physical attackers infiltrating and computer
attackers seeking root control).
In both cases, the outsiders might be attackers who want to get
information about the inside (physical attackers spying out the lay of
the land and computer attackers downloading files or getting other
In both cases, there is "filtering" by the defenders. Some
entrants are excluded. Some get more intensive screening. The level of
filtering varies with the perceived level of the threat.
Three reasons why studying physical and computer security
together is useful. First, at the level of analytic understanding, the
paper tries to give a unified way to assess when openness is likely to
help security (conditions closer to what the paper calls the Open Source
paradigm) and when openness is likely to reveal vulnerabilities that
create net problems (conditions closer to what the paper calls the
Military paradigm). A unified theory is an academic/intellectual gain.
Second, policymakers in the government and management in
companies have to decide, every day, what should be secret and what
should be open. Not everyone has time to read FD an hour a day to
become expert in all these things!! The paper tries to give a useful
way for decisionmakers to get an approximation of what sorts of things
should be disclosed. A unified approach can help decisionmakers.
Third, the paper argues that openness is far more likely to be
the right choice in networked and computer settings than in traditional
physical settings. The variables identified in the paper, such as
number of attacks and communication among attackers, tilt heavily toward
openness. A unified approach alerts readers that openness is likely to
be the logical outcome today more often than it was in the
less-networked and less-computerized past.
Paper at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=531782
Full-Disclosure - We believe in it.
RE: Response to comments on Security and Obscurity Clairmont, Jan M (Sep 02)