Book Project: IT Security
From IRF Wiki
IT & Security
- The questions raised at the IR Forum are discussed in the context of the patterns.
- Further ideas and research are added from the research interviews.
Ideas from the Proceedings
IT SECURITY - new concepts:
- security is going to be a multi-technology solution ... no notion of a single technology making anything secure ... Web 2.0, social networking, mashups, etc. will change security dramatically - from purely computer-based and OS-based to large scale IT-infrastructure-based.
- Building systems that guarantee no denial of service - all attacks, viruses, etc., can deny service, so this is a top-level goal. ... very different from how you build systems that are guaranteed to be secure
- Guaranteeing privacy with security - enable limited sharing of sensitive data
- Trust in computing systems - cell phones and PDAs are going to become the universal access mechanism
- Liability against software -- guarantee that people are using the same software that you gave them, a big challenge
- Biometrics everywhere - privacy issues; IP trace-back to catch hackers/spammers
- International cooperation a must - standards rationalized
Information sharing between ad hoc groups of disparate entities - in emergency/homeland security response, etc.:
- Securing data is vital
- Semantics important to bridge gaps between systems
- Visualization is critical
- Need access control models, as well as mechanisms to support distributed policy enforcement of fine-grained access, select access and select dissemination of information - the ability to segment data for access by different audiences (e.g., Fire Dept. vs. Police)
- Semantic interoperability - data fusion, machine-to-machine interaction in the semantic web, and semantic web services in terms of automated and dynamic selection and composition of services based on semantics; also monitoring the services, so that the overall service operation can be overseen along with the individual services to achieve a certain goal. Ontology critical, too. Sensor networks. Adapt to changing needs, mine data and push new knowledge back out to the edge and into the sensor network itself.
- Data mining -- privacy issues; differing policies in different jurisdictions
Best practices and the challenges they raise:
- Investments in IT security should be assessed from an economic business case point of view - ROI differs by industry (e.g., financial services vs. manufacturing). Challenge: Concept of individual responsibility breaks down, so “ ... if too many individuals are careless, then the Internet and network computing could be compromised. How do we draw the line? Where do we establish the balance? Can we accept that we rely on individuals? Should society as a whole introduce rules?” Challenge: An execution problem for enterprises; a conceptual problem for society itself. Public discussions required over risks and costs. Irrationality is high in public security.
- IT architecture - a streamlined application security architecture, which follows a services-oriented paradigm and has identity management at its core, and second, a horizontally-managed infrastructure security architecture, which actually allows the outsourcing of the more generic components. Challenge: New paradigms of agile development and flexible IT architectures may deeply affect security risks and responses.
- Address IT and human behavior in parallel - e.g., communicate very clearly to the exit employee the consequences of using proprietary information
- Consider security at the very beginning of the design of a system and the design of solutions, vs. trying to build security on top of apps later on. Especially important with Web services.
- Making trade-off between application security and overall application performance
- Security is not only a threat management, it can be an opportunity-driven management ... some of the threats that are occurring can also be worked on and will be less perceived as a threat by the part of a bigger picture, which is more opportunity-driven.
- Event-driven systems looking for anomalies - bank deposit too big, etc. Database triggers.
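The last point above (a database trigger that reacts to a bank deposit that is too big) can be made concrete. The following is an added example, not material from the proceedings; the table names, the 10x factor, the three-deposit minimum history and the absolute ceiling are all assumptions chosen for illustration.

```python
import sqlite3

# Constructed schema and policy values (assumptions, not from the source notes).
SCHEMA = """
CREATE TABLE policy (factor INTEGER, min_history INTEGER, ceiling_cents INTEGER);
INSERT INTO policy VALUES (10, 3, 1000000);
CREATE TABLE deposits (
    id INTEGER PRIMARY KEY,
    account TEXT NOT NULL,
    amount_cents INTEGER NOT NULL CHECK (amount_cents > 0));
CREATE TABLE alerts (
    deposit_id INTEGER, account TEXT, amount_cents INTEGER, reason TEXT);

CREATE TRIGGER flag_unusual_deposit AFTER INSERT ON deposits
BEGIN
    -- Rule 1: far above this account's own prior average (needs history)
    INSERT INTO alerts
    SELECT NEW.id, NEW.account, NEW.amount_cents, 'above account baseline'
    FROM policy p,
         (SELECT COUNT(*) AS n, AVG(amount_cents) AS avg_cents
          FROM deposits
          WHERE account = NEW.account AND id <> NEW.id) h
    WHERE h.n >= p.min_history
      AND NEW.amount_cents > p.factor * h.avg_cents;
    -- Rule 2: absolute ceiling, covers accounts with no baseline yet
    INSERT INTO alerts
    SELECT NEW.id, NEW.account, NEW.amount_cents, 'above absolute ceiling'
    FROM policy p
    WHERE NEW.amount_cents >= p.ceiling_cents;
END;
"""

def open_ledger():
    """Create an in-memory ledger with the anomaly trigger installed."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def deposit(conn, account, amount_cents):
    """Record a deposit and return the alert reasons the trigger raised for it."""
    with conn:  # deposit row and its alerts commit or roll back together
        cur = conn.execute(
            "INSERT INTO deposits (account, amount_cents) VALUES (?, ?)",
            (account, amount_cents))
        rows = conn.execute(
            "SELECT reason FROM alerts WHERE deposit_id = ? ORDER BY reason",
            (cur.lastrowid,)).fetchall()
    return [r[0] for r in rows]
```

Because the check runs inside the database, it fires for every writer, not only for applications that remember to call it. A flagged deposit still enters the account's history and raises its future baseline, so a production rule would exclude alerted rows from the average.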
Platform-level measures coming:
- Trusted virtual machines - “closed environment on open systems”, a secure container.
- Virus containment - works at packet-level, detects and blocks viruses 100%
Challenges:
- How to secure paid content in legal Peer-to-peer (P2P) file-sharing networks.
- How to cope with too much information from overly-complex security measures
- Inadequacies of PKI and firewalls - ripe for replacement
- Online trust - ad hoc interactions between agencies and service providers unfamiliar to each other, in emergency situations, call for special approaches to establishing trust
- Bugs in security software are a big problem - firewall code found to be infected with foreign spyware
- Security looks like a huge business opportunity, but it is “a very fragmented market, so it's really a very, very difficult business opportunity.”
- Risk of trusted insiders and lack of training among employees
