
Living in an Insecure World: Where do we go from here? Richard DeMillo Information Security Center College of Computing Georgia Tech.

Presentation transcript:

1 Living in an Insecure World: Where do we go from here? Richard DeMillo Information Security Center College of Computing Georgia Tech

2 British Railroads
Pre-1825: centuries of use of iron-capped rail technology
1825: Stockton & Darlington is first commercial railway with 1 locomotive
1829: Liverpool & Manchester trial to demonstrate 10 mph capability (achieved 24 mph uphill)
[dates missing]: innovation and improvement, frenzied competition
1842: Queen Victoria is “charmed” by technology
[dates missing]: Entrepreneurs emerge, led by George Hudson
1845: Railroad mania
Late 1845: Trouble
1846: Crop failure
1847: Week of terror, Oct 17 (“Entire families were ruined”)
1850: Thomas Carlyle suggests public hanging for Hudson
[dates missing]: 21,000 miles of track are built
[Figure: long-wave timeline of technologies (Factories and Mills, Steel, Electrification, Automobile, Mass Production, Waterways, Telephony, Broadcast Communications) with a marker “YOU ARE HERE”]
When a Technology reaches its Golden Age:
–More innovation
–We structure our activities around the new technology
–It adapts to us
–It becomes easy to use
–It fades into the background

3 Agenda
Asymmetric information warfare and the death of the enterprise
Why ROI is so difficult
The effects of 9/11
–The mistakes of the 1960’s
–The national R&D agenda

4 Enterprise Boundaries
Premises
Vertical Integration
Globally Distributed Enterprises
Manufacturing and Distribution Partners
Exchanges and Outsourcing
B2B and B2E Architectures
Commoditized Enterprise (per BP’s John Leggate)
–Commodity hardware
–Open source infrastructure
–Open protocols

5 Birnbaum’s Pervasive Computing Evolution
[Figure: penetration over time. Stages: mainframes (batch computing and timesharing); minis (distributed computing); micros (networked personal computing); open systems of clients and servers; internet computing; open global services; information utility/appliances; programmable data center. Source: Joel Birnbaum, 1982]

6

7

8 Asymmetric Threat
“Today we see an ambiguous world, with people, groups, and governments pursuing complex goals. The borders have blurred between governments and people, military and populace, public and private. New fourth-generation warriors, non-national and trans-national groups based on ideology, religion, tribe, culture, zealotry, and illegal economic activities, have pushed many regions of the world into anarchy.”
– Gen. David Grange, National Strategy Forum, Winter 2000
No perimeters
Indirect attacks
Insider threats

9 Defending Enterprises As If They Were Premises
Find a likely target, then…
–Case the joint
–Determine vulnerabilities
–Attack the weakest defense
Corresponding reconnaissance phases: Footprinting, Scanning, Enumeration

10 Asymmetric threat
Metcalfe’s law
Host security depends on the security of the rest of the systems attached to the internet
Automation leads to attack sophistication
–Denial of service
–Worms
–DNS attacks
–Router attacks

11 Upper management hears about the threat

12 ROI Analysis for IT Security (copyright Bruce Schneier, 2001)
[Figure: cost ($) versus security level (0% to 100%). Curves: cost of security countermeasures, cost of security breaches, and their total cost; marked point: optimal level of security at minimum total cost]

13 % of IT Budget
[Figure: security budget as a percentage of IT budget, by organization size]

14 Attack on 128-bit encryption
[Figure: probability of successful attack versus cost of cryptanalysis device; $20M marked]

15 People are more Cost-Effective
Person             Position                               Price
Aldrich Ames       CIA Director of Counterintelligence    $2,500,000
Robert Hanssen     FBI Agent                              $1,400,000
Robert Walker      Retired US Navy Warrant Officer        $1,000,000
Jonathan Pollard   Naval Investigative Service Analyst    $50,000
“Why spend $20,000,000 building a cryptanalysis machine if you can spend $1,000 bribing a clerk?” – Bruce Schneier

16 Attack on n-bit encryption
[Figure: probability of successful attack versus cost of cryptanalysis device]

17 Windows Power-on Self Test
Are you talking to a securely booted computer?
Boot sequence:
–test processor
–verify BIOS integrity
–initialize chipset
–test RAM
–initialize video device
–init. plug & play devices
–ROM scan
–load from boot device
–run bootstrap loader
–find and load OS loader
–run OS loader
–load and run OS
Callouts on the slide:
–Intel publishes technical data for defeating boot block protection
–Cursory scan using trivial security criteria
–Favorite haunt of virus writers!
–Might not even be your OS!

18 Architecture of Trusted Computer Platform (TCPA)
Layers: Trusted Platform Module (TPM); Core Trust Root (CRTM); System Services; API
CRTM:
–Loads before any other boot component
–First trusted component
–Bootstraps measurement of next component in chain
–Records value in TPM
TPM provides: integrity and measurement; trusted identities; protected storage
TPM components: Random Number Generator, Non-volatile Memory, Processor, Memory, Hash, HMAC, Asymmetric Key Generation, Signing and Encrypting, Clock, Power Detection, I/O, Platform Configuration Registers
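The measurement chain on this slide, and the question on the previous one (“are you talking to a securely booted computer?”), can be made concrete with a small simulation. This is an added example, not code from the talk or from any TCPA/TPM implementation: it models the CRTM measuring the next boot component and extending the digest into a Platform Configuration Register, then shows how a remote verifier replays the event log and compares the result with a known-good value. The component images, their names and the golden value are constructed here for illustration.

```python
"""Toy measured-boot chain and remote verification (added example).

Models the TCPA/TPM idea on the slide: the first trusted component hashes
the next boot component, records the measurement, and extends it into a
PCR before handing over control; each stage does the same for its successor.
A verifier later replays the event log and checks the reported PCR.
"""
import hashlib

PCR_SIZE = 32
PCR_RESET = b"\x00" * PCR_SIZE   # modelled as all zeros after platform reset


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend operation: PCR_new = SHA-256(PCR_old || digest).

    A PCR can only be extended, never set directly, so every measurement
    recorded earlier in the chain stays bound into the final value.
    """
    return hashlib.sha256(pcr + digest).digest()


def measured_boot(chain):
    """Simulate the boot chain. Each stage hashes the next component's image,
    appends the measurement to the event log and extends the PCR.
    Returns (final_pcr, event_log)."""
    pcr = PCR_RESET
    event_log = []
    for name, image in chain:
        digest = hashlib.sha256(image).digest()
        event_log.append((name, digest.hex()))
        pcr = pcr_extend(pcr, digest)
    return pcr, event_log


def replay_event_log(event_log):
    """Recompute the PCR from the log alone, as a remote verifier does."""
    pcr = PCR_RESET
    for _name, digest_hex in event_log:
        pcr = pcr_extend(pcr, bytes.fromhex(digest_hex))
    return pcr


def verify_platform(reported_pcr, event_log, golden_pcr):
    """Verifier's two checks: the log must replay to the PCR the TPM reports
    (otherwise the log was edited), and that PCR must equal the known-good
    value for this platform (otherwise some component changed)."""
    return replay_event_log(event_log) == reported_pcr and reported_pcr == golden_pcr


# Constructed stand-ins for firmware and OS images; real measurements would
# cover the actual bytes of each stage in the boot sequence.
GOOD_CHAIN = [
    ("BIOS", b"bios-image-v1.0"),
    ("option ROMs", b"vga-rom,nic-rom"),
    ("bootstrap loader", b"boot-sector-code"),
    ("OS loader", b"os-loader-image"),
    ("OS kernel", b"kernel-image"),
]

# Known-good (golden) PCR, taken from a trusted reference boot of GOOD_CHAIN.
GOLDEN_PCR, GOLDEN_LOG = measured_boot(GOOD_CHAIN)


def tampered_chain():
    """Same chain, but the OS loader was swapped (the "might not even be your OS" case)."""
    return [(n, b"rogue-loader" if n == "OS loader" else img) for n, img in GOOD_CHAIN]


def run_scenarios():
    """Return the verifier's verdict for three situations."""
    good_pcr, good_log = measured_boot(GOOD_CHAIN)
    bad_pcr, bad_log = measured_boot(tampered_chain())
    return {
        # honest platform: log replays to the PCR and the PCR matches golden
        "clean boot": verify_platform(good_pcr, good_log, GOLDEN_PCR),
        # swapped loader, honest log: PCR no longer matches golden
        "modified loader": verify_platform(bad_pcr, bad_log, GOLDEN_PCR),
        # swapped loader plus a log edited to look clean: replay != reported PCR
        "modified loader, forged log": verify_platform(bad_pcr, good_log, GOLDEN_PCR),
    }


if __name__ == "__main__":
    for scenario, ok in run_scenarios().items():
        print(f"{scenario:30s} -> {'trusted' if ok else 'REJECT'}")
```

The point of the two-part check is that the event log is only a convenience for the verifier: the PCR is what the TPM vouches for, and because it is extend-only, neither a changed component nor an edited log can make a tampered boot replay to the golden value.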

19 Secure Boot is a Service
End-to-end
Measurable characteristics
Priced and assured by Service Level Agreement (SLA)
–Customer pays for service delivery
–Service provider is penalized if SLA is not satisfied
–Service authority, analogous to a Certificate Authority, is arbiter
Services with Quality of Service guarantees

20 Effects of 9/11: Homeland security is an enterprise security problem
Lessons of the 1960’s
–IT drives the problem
–IT is very expensive to fix

21 Homeland Security: Where is the money going?
Homeland Security Block Grant Act of 2003
–Provides an additional 3.5 billion in funding, with 70% of that funding going to 1,000 counties across the nation
–Only an estimated 5% of this funding will be dedicated to IT security
–The other 95% will go to containing hazardous chemicals, border patrol, fire & emergency resources, protective equipment, improvement of disaster response systems, and the like

22 Steps Forward
NSTAC National R&D Agenda
–R&D Exchange Meeting: March, GTISC
–President’s Science Advisor John Marburger chaired
–Agenda needs to be acted upon
–Human-centric solutions

23 Visualization

24 What to take away
Asymmetric information warfare demands new business models
The agenda for traditional enterprises needs to be acted on – necessary but not sufficient
Learn from history
–Don’t repeat the mistakes
–Chase the “Golden Age”
