You Believe In Computer Security? Then There's A Bridge In Brooklyn You Should Buy.You have to respect an author who begins a book by confessing that he wrote it "partly to correct a mistake," especially when that author is one of the most respected authorities in a highly technical field. That's exactly bow Bruce Schneier begins his new book on computer security, Secrets and Lies: Digital Security in a Networked World (John Wiley John Wiley may refer to:
New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of . 2000). What he is actually confessing is a kind of native shared by, altogether, too many people regarding computer security: that technology is the answer. That was the implied thesis of his earlier book on applied cryptography, still an excellent guide to the guts of cryptographic systems. Today, several years more experienced and wiser, Schneier has penned a magisterial mag·is·te·ri·al adj. 1. a. Of, relating to, or characteristic of a master or teacher; authoritative: a magisterial account of the history of the English language. b. book on computer security grounded in his work as a security consultant and the first thing he tells readers is that "security is a process, not a product." That deserves to be graven grav·en v. A past participle of grave3. Adj. 1. graven - cut into a desired shape; "graven images"; "sculptured representations" sculpted, sculptured in stone somewhere; perhaps on the tombstones tombstones a cellular phenomenon in pemphigus vulgaris; rows of basal cells of the epidermis remain attached to the basal membrane, reminiscent of rows of tombstones. of failed security companies and of the companies that relied on them. Secrets and Lies is not a highly technical book; that is, you won't find detailed descriptions of the innards of security technology. The information it supplies is far more useful than that: a detailed look at the landscape, technologies, and strategies of computer security. Although a review can, of course, do no more than suggest the richness of the book, a brief look at the topics covered, and some of the author's conclusions, if it motivates you to buy the book, it will have served its purpose. Schneier organizes the book into three pans: the security landscape, the technologies of security, and strategies for coping with security attacks and vulnerabilities. In the first part, The Landscape, the author establishes a context for talking about computer security, a task usually overlooked by security product vendors. What does it mean to be secure? Against what kind of attack? For instance, as Schneier points out, a secure operating system The term "secure operating system" is a misnomer. Relevant articles include:
In this first section, the author reviews the kinds of attacks that a secured system is likely to encounter, making the point that they are all analogs of criminal behavior in the non-virtual world: fraud, scams, destructive attacks, types of theft (intellectual property, identity, and brand), and various kinds of privacy infringements. He also characterizes a variety of attackers from hackers and lone criminals to industrial spies, national security agencies, and infowarriors. This first section ends with a look at what kinds of security are needed to counter the threats and attackers discussed--not in the sense of technologies, but in conceptual terms. This is an excellent review of topics such as privacy, multilevel security Refers to processing data with different security clearances in the same system or network. Contrast with multiple single-level. , anonymity, authentication (1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC. (2) Verifying the identity of a user logging into a network. , integrity, audit, and so forth. Throughout, Schneier uses homely home·ly adj. home·li·er, home·li·est 1. Not attractive or good-looking: a homely child. 2. Lacking elegance or refinement: homely furniture. examples from everyday life (authenticating oneself to the deli man to buy a bratwurst) to bring these concepts into focus. In part two, Technologies, having set the stage, the author discusses the technologies of security. This is, perhaps, the meatiest pan of the book. Each technology is discussed using the context established in pan one, so its capabilities and, more important, its limitations, are immediately apparent. Among the topics covered are cryptography--where we learn that key length is actually a minor pan of the strength of a given cryptographic scheme, access control, various kinds of identification technologies (biometrics, access tokens, etc.), networked security and defenses, secure hardware, and much more. There are some surprises in this section. For instance, Scheier points out that the true security in e-commerce arises not from digital certificates, but from the fundamental transactional protocol of credit cards: the simple fact that you're not liable for more than $50 in fraudulent claims. In fact, he states baldly that "Digital certificates provide no actual security; it's a complete sham." There are several sit-up-and-take-notice statements like this scattered throughout the book, all of them backed up by solid explication ex·pli·cate tr.v. ex·pli·cat·ed, ex·pli·cat·ing, ex·pli·cates To make clear the meaning of; explain. See Synonyms at explain. [Latin explic and example. This section concludes with an excellent discussion of the human factors that, all too often, compromise computer security. He points out that people don't understand risk and don't know Don't know (DK, DKed) "Don't know the trade." A Street expression used whenever one party lacks knowledge of a trade or receives conflicting instructions from the other party. how to estimate it. (A good example is that people fear airplane travel more than car travel, even though the chances of accidental death in a car are much higher than in a commercial airliner.) His summation summation n. the final argument of an attorney at the close of a trial in which he/she attempts to convince the judge and/or jury of the virtues of the client's case. (See: closing argument) of the problem with computer security is, as he himself admits, quite cynical: "... the mathematics are impeccable, the computers are vincible, the networks are lousy, and the people are abysmal a·bys·mal adj. 1. Resembling an abyss in depth; unfathomable. 2. Very profound; limitless: abysmal misery. 3. Very bad: an abysmal performance. ." In fact, anyone reading the last section of part two might be tempted to give up the quest for Verb 1. quest for - go in search of or hunt for; "pursue a hobby" quest after, go after, pursue look for, search, seek - try to locate or discover, or try to establish the existence of; "The police are searching for clues"; "They are searching for the computer security; and, indeed, this book reveals that securing a computer system is a far harder task than the marketing literature that vendors imply or promise. However, Schneier moderates his dark view of the security world in part three, Strategies, by laying out in some detail a variety of techniques and processes (countermeasures That form of military science that, by the employment of devices and/or techniques, has as its objective the impairment of the operational effectiveness of enemy activity. See also electronic warfare. ) that can be used to assess and control security vulnerabilities. This is probably the most valuable part of his book, for it teaches the reader how to think about the process of security: as attacks, defenses, and the relationship between them. It also covers the present (rather parlous) state of security products and the prospects for improvement in the future. Schneier is careful to point out that "there are three parts to an effective set of countermeasures: protection, detection, and reaction." The present-day reliance, in virtually all security products or systems, on protection is, in the author's opinion, not only wrongheaded, but also the primary reason why we see so many attacks. He compares digital security to a safe and points out something that most people don't know: That safes are rated in terms of how long they can withstand an attacker armed with a given set of tools. The safe manufacturer assumes that the safe will be backed up with an alarm (detection) and reaction (armed guards or the police). By contrast, too many computer security systems rely on protection alone, which requires that the devices involved be perfect--and they neither are nor can be. This is an important point--laid out in great detail earlier in the book and reviewed here--that the nature of product development and testing is such that, while bugs (improper operation) can be detected by large numbers of eyeballs The number of users. "There are 110 eyeballs" means there are 110 users currently online. See eyeball hang time. (thus, the value of beta testing (programming) beta testing - Testing a pre-release (potentially unreliable) version of a piece of software by making it available to selected users. This term derives from early 1960s terminology for product cycle checkpoints, first used at IBM but later standard throughout the ), security vulnerabilities, and holes cannot because security has nothing to do with functionality! No amount of beta testing will reveal security problems. That might seem to obviate ob·vi·ate tr.v. ob·vi·at·ed, ob·vi·at·ing, ob·vi·ates To anticipate and dispose of effectively; render unnecessary. See Synonyms at prevent. one of the open source movement's greatest strengths--and Schneier is indeed somewhat doubtful about the ability of open source to deliver industrial strength security, for other reasons--but in reality, it merely underscores the need for openness, however obtained. The only assurance of security in a device lies in lots of expert testing and review and the only way to get that is to make every detail of the device public. Security through obscurity (security) security through obscurity - Or "security by obscurity". A term applied by hackers to most operating system vendors' favourite way of coping with security holes - namely, ignoring them, documenting neither any known holes nor the underlying security algorithms, trusting does not work. In part three, the author also lays out a method that he developed while working as a security consultant, called an "attack tree," which is a simple way of laying out all of the vulnerabilities (that one can think of) of a system, assigning a cost in terms of the loss expected if each vulnerability is breached and then finding a least cost, most cost-effective way to assure the level of security that one desires. I don't have room to go through this, but it is a technique that any VAR or integrator should be familiar with, even if only as a starting point Noun 1. starting point - earliest limiting point terminus a quo commencement, get-go, offset, outset, showtime, starting time, beginning, start, kickoff, first - the time at which something is supposed to begin; "they got an early start"; "she knew from the for thinking about security systematically. There's much more to Secrets and Lies than can be discussed here. In fact, I have to agree with the author, who, in the introduction, recommends, without much hope he will be listened to, that you read the book twice: first to get a cursory knowledge of the overall topic, then again for in-depth understanding. I think he's right and I expect that this book will soon become one of the most dog-eared, Post-It noted, and battered tomes in the library of many an integrator concerned with the security of his or her systems and customers. Dave Trowbridge is the director of marketing at Network Physics (Menlo Park Menlo Park. 1 Residential city (1990 pop. 28,040), San Mateo co., W Calif.; inc. 1874. Electronic equipment and aerospace products are manufactured in the city. Menlo College and a Stanford Univ. research institute are there. 2 Uninc. , CA), an Internet infrastructure startup. |
|
||||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion