Which recent technological advance has the greatest implications for information assurance issues?
Posted by Tom Fuller in Blindside project at June 20th, 2007
Hi all. See title of this post. People will look at me sternly if I don’t find the answer to this question.
More importantly, public policy will not be as robust in fashioning an information architecture fit for purpose and fit for the UK.
So take a minute and tell me. Is it convergence? (Is public sector information secure in a wireless world?)
Is it nanotechnology? (If the universe is contained in a grain of sand, microdots then can carry all. Or is that true?)
Is it mistaken procedure and human error?
Inform me–and public policy. Is there one threat that stands above all others?
June 20th, 2007 at 11:22 am
Add one vote for “mistaken procedure, human error and misconception”. As systems get more complicated, so there is more opportunity to get things wrong or fail to understand them.
Consider virtualisation; in its many forms, it’s probably been the “buzzword du jour” for the last few years. I’m not calling virtualisation a threat, by any means, but it serves as a useful example of how the use of sufficiently complex enabling technologies can create threat or the perception of threat if incorrectly handled.
People like to be able to point to a storage array and say “this is where my data is”. Storage virtualisation can take that “level of comfort” away.
When consolidations are performed into new virtualised environments, the question of “ultimate authority” can sometimes arise. If Dept A and Dept B, who used to have a machine each, have their machines replaced with zones on a Solaris 10 box, they will be concerned about who has root in the global zone. If you instead give them each a logical or physical domain on the same box, they will be concerned about who has root on the domain controller. Naturally, this is something fixable in policy, but the threat of compromise of the “ultimate authority” system still needs to be mitigated.
When you also consider hypervisor environments and products such as VMWare, concern arises regarding what can be done to a guest OS from the host OS. While there is no VMWare product which supports Solaris as a host OS at this time, I speculate that it would be “difficult but interesting” to use DTrace to modify the behaviour of a VMWare guest OS, or what the guest OS sees in its I/O environment.
Mechanisms need to be in place to ensure that such tools are not installed “at the wrong level” in such environments.
In fact, if you extend “virtualisation” to “security abstraction in general”, you get to the point where web services can declare all manner of interesting security conformities to eachother, oblivious to a Bad Guy sitting at the root shell of the environment that a service is running in, watching everything it does.
Virtualised infrastructures, IMHO, require the most rigorous and joined-up policies and procedures. This tickles my irony bone, but also makes me wonder whether we can be certain that the procedures close or mitigate the existence of the potential holes.
June 20th, 2007 at 12:34 pm
Hi Dave,
I certainly tend to agree with the first part of your comment–I think a very large percentage of IA risk is people-centred. As for the virtualization issue, how big is that? At the last company I worked at, they were ‘virtualizing’ something like 53 servers down to 7 boxes, but it was all intra-company. Would it be safe to assume there is more intra-company pickup on that than, say, competitors agreeing to share the same box?
June 20th, 2007 at 1:21 pm
Hi Tom,
Yes, I’d agree that the vast majority of virtualisation stuff is intra-company rather than, say, cross-customer at a managed co-lo facility (btw, I often use the managed co-lo scenario as the toughest one I can think of, from the perspective of security issues and rigour), but even then, I’ve heard about places where different departments do not trust eachother to have over-arching authority on what they see as “their” systems. This tends to hapen more often when consolidating per-geo systems into a multi-geo environment in a multinational organisation, at which point the differences in governance requirements cross-geo can also raise interesting issues. From a CSIA perspective, of course, this is unlikely to be an issue.
June 21st, 2007 at 4:13 pm
I think its the architecture of the Internet (with its inherent security and identity-level failings).
The most important THING is people’s intentions. But you asked for the most important technological advance.
I know the net is nearly as old as I am but each astounding new fad (Flickr, Digg, Facebook)reminds us we’ve yet to get to grips with its full implications. Just as, indeed, I’m still trying to work out what i’m doing here.