RE: [iwar] Computer and Network Security vs. Information Privacy and Confidentiality

From: Tony Bartoletti (azb@llnl.gov)
Date: 2001-08-09 13:33:22


Return-Path: <sentto-279987-1578-997388544-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Thu, 09 Aug 2001 13:24:10 -0700 (PDT)
Received: (qmail 3067 invoked by uid 510); 9 Aug 2001 19:24:42 -0000
Received: from n10.groups.yahoo.com (216.115.96.60) by 204.181.12.215 with SMTP; 9 Aug 2001 19:24:42 -0000
X-eGroups-Return: sentto-279987-1578-997388544-fc=all.net@returns.onelist.com
Received: from [10.1.4.54] by ej.egroups.com with NNFMP; 09 Aug 2001 20:22:24 -0000
X-Sender: azb@llnl.gov
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-7_3_1); 9 Aug 2001 20:22:23 -0000
Received: (qmail 99657 invoked from network); 9 Aug 2001 20:22:16 -0000
Received: from unknown (10.1.10.26) by l8.egroups.com with QMQP; 9 Aug 2001 20:22:16 -0000
Received: from unknown (HELO smtp-2.llnl.gov) (128.115.250.82) by mta1 with SMTP; 9 Aug 2001 20:22:16 -0000
Received: from poptop.llnl.gov (localhost [127.0.0.1]) by smtp-2.llnl.gov (8.9.3/8.9.3/LLNL-gateway-1.0) with ESMTP id NAA05365 for <iwar@yahoogroups.com>; Thu, 9 Aug 2001 13:22:15 -0700 (PDT)
Received: from catalyst.llnl.gov (catalyst.llnl.gov [128.115.222.68]) by poptop.llnl.gov (8.8.8/LLNL-3.0.2/pop.llnl.gov-5.1) with ESMTP id NAA27780 for <iwar@yahoogroups.com>; Thu, 9 Aug 2001 13:22:15 -0700 (PDT)
Message-Id: <4.3.2.7.2.20010809132329.00b541c0@poptop.llnl.gov>
X-Sender: e048786@poptop.llnl.gov
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
To: iwar@yahoogroups.com
In-Reply-To: <FMEBKCCNDNLCDGCDNJAOCEMKCAAA.jsforza@isrisk.net>
References: <4.3.2.7.2.20010809103958.00b515a0@poptop.llnl.gov>
From: Tony Bartoletti <azb@llnl.gov>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Thu, 09 Aug 2001 13:33:22 -0700
Reply-To: iwar@yahoogroups.com
Subject: RE: [iwar] Computer and Network Security vs. Information  Privacy and Confidentiality
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

At 03:06 PM 8/9/01 -0400, you wrote:
>Tony wrote..
>
> >"Anonymized" also offered the general observation that, due to the
> >complexity of the technology, infrastructure management is gaining De Facto
> >peer rights to information content.  Since there is (IMHO) no practical way
> >to avoid this situation, the only remedy would appear to be laws that
> >prohibit infrastructure management from taking any actions, based upon
> >revealed content, that are not aimed directly at infrastructure integrity.
>
> >In this digital age, the fact that "data" to one process can be "process"
> >to another process makes the "content vs infrastructure" distinction
> >increasingly problematic.
>
>Tony, I love it when somebody says "no practical way". Those should be
>fighting words to a competent group of OS architects. I am willing to accept
>even a partial solution in this space so how about the following:
>
>An OS that grants inital admin rights only to the data creator. The inital
>rights are restricted to creator eyes only and no transport. The creator
>determines the data classification and establishes rules of modification and
>channels of exchange. Ok, so I admit that an individual will have to add
>some process to data creation, but hey I remember PAPER and the issues of
>control and distribution before Xerox appeared on the scene. Speaking of the
>big X, remember GlobalView.. they were on the right path for a while there.
>
>On an aside - we often use the example of the bin diving janitor when
>talking of covert information gathering but in my experience I know the
>janitor's face better than I know some SA or network geek (pardon to the IT
>community) in the bowls of the building. A least the janitor says hello and
>knocks on the door.

I stand corrected ;)

No practical way, besides pervasive content encryption.  Unless and until 
most all applications support strong end-to-end encryption as a rule, 
rather than as an exception, I cannot see how infrastructure management can 
investigate a network or system problem without consequent access to the 
content being stored or transported.  Perhaps there are methods of which I 
am unaware, but I suspect that the system you outline (very reasonable, 
sounds like a system built upon "E"; see "Erights.org",) must rely upon 
encryption for enforcement.

Cheers!

___tony___


Tony Bartoletti 925-422-3881 <azb@llnl.gov>
Information Operations, Warfare and Assurance Center
Lawrence Livermore National Laboratory
Livermore, CA 94551-9900





------------------------ Yahoo! Groups Sponsor ---------------------~-->
Small business owners...
Tell us what you think!
http://us.click.yahoo.com/vO1FAB/txzCAA/ySSFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:39 PDT