======================================================================== STRATEGIC DEVELOPER: JON UDELL http://www.infoworld.com ======================================================================== Thursday, September 23, 2004
ACCESS CONTROL, MONOCULTURE, AND ACCOUNTABILITY By Jon Udell Posted September 17, 2004 3:00 PM Pacific Time Two years ago I bumped into a powerful idea that I knew I'd be hearing about again. In a blog entry about ACLs (access control lists), I cited a speech given by Dan Geer to the Security Industries Middleware Council. Geer was then CTO of @Stake, a security consultancy that fired him last year for co-writing a much-publicized Computer and Communications Industry Association report asserting that a software "monoculture" -- such as Microsoft's dominance has created -- is an inherent security risk. ADVERTISEMENT -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- INFOWORLD PRESENTS A SPECIAL REPORT ON STORAGE MANAGEMENT The unrelenting growth of data storage needs, which set off a chain reaction of solutions targeted at the Fortune 500, has filtered down to affect IT operations of small and midsize businesses (SMBs). This report features 10 tips to help purchase storage management solutions. Additional information, including results from InfoWorld's research on the storage market is also included. Sponsored by Veritas. REGISTER AND DOWNLOAD NOW http://newsletter.infoworld.com/t?ctl=8E0A1B:2B910B2 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- The monoculture idea is self-explanatory, but the concept of accountability needs some unpacking. Along with Geer's SIMC keynote, you might want to listen to Doug Kaye's interview with Geer on the ITConversations Web site. Geer argues that access control lists -- although they'll remain a vital ingredient of information security -- can't take us where we now must go. The reason is that linear growth in the number of people you authenticate, or the number of resources you control their access to, or both, results in geometric growth of the matrix of checkboxes you must fill out. Every checkbox requires an explicit choice, and it gets impossibly hard to keep up. The way forward, Geer suggests, is not to abandon ACLs but rather to augment them with aggressive monitoring that holds people accountable for behaviors that can't economically be permitted or denied. ACLs don't scale because checkbox maintenance requires a scarce resource: the human decision-maker. Accountability does scale because event logging and data analysis ride the favorable current of Moore's law. This notion is compelling because, as Geer points out, our free society works in a similar way. We don't have to ask permission for most things, but, "If I sufficiently badly screw up," Geer says, "there's some expectation that will be discovered, and I'll be found, and I'll be made to pay." The means of discovery is surveillance. In the physical world we rely on eyewitnesses and increasingly, especially in Britain, on cameras. In the virtual world, according to Geer, we're now approaching a critical fork in the road: "To the left, we surveil people. To the right, we surveil data. I'm arguing for data-level file-tracking because if I have to surveil either people or data, I think it's highly important that we choose to surveil the data, not the people." Not coincidentally, Geer's new company, Verdasys, supplies file-tracking technology. The concept is straightforward: Deploy an agent to the desktop that intercepts and logs all transactions with the file system, and with other services such as e-mail, IM, and the clipboard. Verdasys expects corporations will use this data both to enforce policies and to enable forensics. The accountability argument is convincing, and I'll be fascinated to see how all this plays out. Ironically, though, it casts the monoculture argument in a new light -- at least for me. I've long lamented Microsoft's failure to establish a strong tradition of event logging on the Windows desktop. Because the relevant Win32 APIs were omitted from Win95, we inherited a generation of Windows applications that don't gather much useful evidence. Had it ensured broad deployment of such evidence-gathering capability, the Microsoft monoculture might today be a source of mitigation as well as of risk. Jon Udell is lead analyst at the InfoWorld Test Center. ======================================================================== Link to the AppDev Stories That Matter InfoWorld's free weekly Application Development Report brings you a digest of each week's key application development stories. And from there, one click takes you to the full story. There's no quicker, more efficient way to track the top stories in application development, whether you're a customer, user, or industry insider. The Application Development Report, a free weekly newsletter from InfoWorld. Go to http://newsletter.infoworld.com/t?ctl=8E0A17:2B910B2 ADVERTISE ======================================================================== For information on advertising, contact [EMAIL PROTECTED] UNSUBSCRIBE/MANAGE NEWSLETTERS ======================================================================== To subscribe, unsubscribe or change your e-mail address for any of InfoWorld's e-mail newsletters, go to: http://newsletter.infoworld.com/t?ctl=8E0A18:2B910B2 To subscribe to InfoWorld.com, or InfoWorld Print, or both, or to renew or correct a problem with any InfoWorld subscription, go to http://newsletter.infoworld.com/t?ctl=8E0A1A:2B910B2 To view InfoWorld's privacy policy, visit: http://newsletter.infoworld.com/t?ctl=8E0A19:2B910B2 Copyright (C) 2004 InfoWorld Media Group, 501 Second St., San Francisco, CA 94107 This message was sent to: [EMAIL PROTECTED]
