Even if content is legally protected, it is important to protect access. Access should not be permitted until a digital contract is digitally signed. Before the Internet took over the desktop with such force, computer security professionals had developed effective systems for securing valuable information and programs from theft. These systems established strong defense perimeters. But the advent of the Internet and mobile computing has invalidated this traditional defense. We readily recall how the Chairman of Qualcomm had his laptop stolen at a conference. In another instance, a worm sent by email to a Microsoft employee resulted in much of the core Microsoft assets being spirited away through the perimeter defense system. These perimeter-piercing attacks happen every day.

Ultimately, legal authorities will help clear the cyber-world of crooks, but for the foreseeable future we have to protect ourselves. Of course, this is the same motivation behind locking doors. Some crooks are stopped, and even for those who are not, it is clearly established for later legal judgments that permission was not granted. So, legal privacy protection and strong security go hand in hand.

With the Internet reaching the desktop and the mobile device, lines of defense have to be established inside the operation of the devices themselves. We have been working in the area of “Trusted Devices.” These are devices that maintain internal lines of defense. Even if a Trojan horse infects a PC, the data and programs on that PC must not be compromised. Since mobile code, such as JavaScript in Web browsers and macros in word processors, can be disseminated easily via the Internet, it is essential to establish the final lines of defense inside the operation of the devices themselves. Today such internal lines of defense, such as virus checkers, are still simplistic and highly inadequate.
Central to the solution is that devices, software, and even users can be authenticated to be the devices, software, or users that they claim to be. A counterfeit identity should be detected and overcome. We must authenticate the users (the people and organizations) if we are to hold users to contractual obligations on the use of information.

We have argued that the proper engineering solution for internal lines of defense is to establish chains of trust from sources outside the capability of software in the main operating system environment. So, for example, we have helped architect the Phoenix Technologies Security Fabric (www.phoenix.com), which provides a firmware-grounded chain of trust to authenticate software running in the main OS environment and people using the devices. But the work with Phoenix is only part of the work that has to be done. We support the ATA 5.0 PARTIES initiative, which permits firmware control over part of the high-volume disk storage. There are many ways to corrupt and compromise the intended operation of a device connected to the Internet. Gaining broad control requires substantial secure storage space on any device. We are currently active in the engineering research for the security storage devices of the future.

Authenticating people is a central component of any coherent computer security system. It becomes particularly important if we want more money to be transacted over the Internet. We regard “usernames and passwords” as engineering problems, not engineering solutions, because it is so difficult for people to manage these things. We are investigating several alternative schemes involving “ICC smart card” technology and speech recognition technology that promise strong user authentication without the hassle.