Chapter 1 - Basic Concepts

Copyright(c), 1990, 1995 Fred Cohen - All Rights Reserved

When we use the term information, we are referring to symbolic representations in the most general sense [MacKay52] . When we use the term protection, we are referring to the act of keeping from harm. Thus 'Information Protection', may be defined as 'the act of keeping symbolic representations from causing harm'.

Information protection is an activity, something that we do, not something we can buy. It may help to think about it in these terms. No matter how good a house you buy, the roof will eventually leak. The only way to protect your house from water damage is to maintain the roof. In the same way that maintaining your roof is something you must do to keep harm from your house, information protection is something you must do to keep harm from your information systems.

I often refer to attackers, tappers, enemies, and other such apparently evil incarnations to represent causal agents in intentional attempts to cause harm. I use these active forms because in many, perhaps even most protection related incidents, a person intentionally causes harm. To be honest and fair, there are also a large number of protection related problems that take place without intent. Errors and ommisions by well meaning individuals often have the same effect, and we can hardly blame them since we generally have failed to educate them in the field.

The concept of harm is particularly nebulous in our context. If our symbolic representations are to serve a purpose, they must have a cause and effect relationship with the physical world. To understand information protection, we must relate information systems to 'harmful' things in the physical world. There is no predetermined way to form such a relation, if only because one person's harm may be another person's well being. As a result, the study of information protection is a study of tradeoffs.

There are many types of symbolic representations, and many ways in which they may be used. In understanding the relationship between information and the physical world, we develop a theory of meaning, a way to understand what information is and what it does. We take the philosophy that information only has meaning in that it is interpreted. That is, to the extent that a book is only a symbolic representation, a book that is never read, has no meaning. The only meaning that can come from it is derived from its interpretation by an understanding reader, in its direct and indirect effects on the physical universe.

There is a tendency, when dealing with issues of keeping from harm, to forget that there is great potential for benefit in the things that we do. It is often claimed that a system that does nothing harms no one. The problem is that it also helps no one, and is therefore not an optimal situation. Protection decisions often result in increased costs and decreased utility. If there is any hope of making sensible protection decisions, we must attain a sound understanding of the effects of these decisions.

This book deals in two venues. One deals with the process of information protection, while the other deals with the technical fields that contribute techniques used in protection. The process is divided up into developing philosophy, setting policy, making models, implementing protection, and maintaining protection during operation. The technical fields will cover cryptography, operating systems, computer networks, fault tolerant computing, computer architecture, physical protection, the legal system, and management.

Summary

As you see, information protection is not a simple matter, and it cannot be addressed from a single perspective. It is a pervasive problem that must be persued in a wholistic manner in order to provide its benefits. At the same time, there are very few people who have more than a cursory knowledge of these issues. I take the philosophy that anyone dealing with information protection should have a working knowledge of the entire field. This book takes a bottom-up approach to providing that knowledge by starting with the technical fields and then covering elements of the protection process using the technical fields to understand tradeoffs.