Interesting bit of a quote

Anne & Lynn Wheeler lynn at garlic.com
Sat Jul 15 11:15:21 EDT 2006


Travis H. wrote:
> 1) Some kind of physical authenticity, such as signing one's name on
> the media as they are produced (this assumes the signer is not
> corruptible), or applying a frangible difficult-to-duplicate seal of
> some kind (this assumes access controls on the seals).
> 2) Some kind of hash chain covering the contents, combined with
> publication of the hashes somewhere where they cannot be altered (e.g.
> publish hash periodically in a classified ad in a newspaper).

a lot of that has to do with whether you have an original and/or whether 
an original has been modified.

my view of audits for sox type stuff is whether the original is correct. 
that is where multiple independent sources of original information came 
in for purposes of cross checking (and possibility of any 
inconsistency is indication of something amiss) ... and where 
subsequently you have to start worrying about countermeasure to collusion.

however, if you have collapsed the originals to single source, you lose 
the ability to cross-check multiple independent originals for validity 
of the information. so you ask for a lot more detailed information in 
the originals ... hoping the level of detail is harder to make 
consistent (since you may have some sense that you have lost the 
capability of cross checking multiple independent sources for 
inconsistency). the counterargument is that with IT technology ... that 
any level of detail can be programmed to be consistent (if you are going 
to create incorrect information in an original ... you could make it 
incorrectly consistent to any level of detail).

So now you create significant threats and penalties for anybody (in 
charge) allowing incorrect information to appear in an audit (since you 
somehow realize that with only a single source, it isn't likely 
that an audit is going to turn up inconsistent information as an 
indication that something is incorrect).

So now you are potentially in a situation that audits are no longer an 
effective countermeasure to serious inconsistent or incorrect 
information ... it's the threats and the penalties that are the 
countermeasure to serious inconsistent or incorrect information.
At the same time there is some sense if audits previously had turned up 
inconsistency (from multiple independent sources) ... then possibly just 
increasing the level of audit detail might still provide some benefit.
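The hash-chain-plus-published-checkpoint scheme from the quoted item 2, as an added Python example that is not part of the original post or the list archive; the ledger records, the genesis value and the function names are constructed for illustration. It also models the point made above that an insider can rewrite records to be internally consistent, and shows that only the externally published head still reveals the change:

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed starting value for the first link

def link_hash(prev_hash, record):
    """One link: SHA-256 over the previous hash plus the canonically serialised record."""
    content = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + content).encode("utf-8")).hexdigest()

def chain_records(records):
    """Chain every record; altering an earlier one changes every later hash
    and therefore the head that gets published."""
    entries, prev = [], GENESIS
    for rec in records:
        h = link_hash(prev, rec)
        entries.append({"record": rec, "prev": prev, "hash": h})
        prev = h
    return entries

def verify_chain(entries, published_head):
    """Recompute every link and compare the head with the copy published out of
    the custodian's reach. Returns (ok, index of first bad link or None)."""
    prev = GENESIS
    for i, e in enumerate(entries):
        if e["prev"] != prev or e["hash"] != link_hash(prev, e["record"]):
            return False, i
        prev = e["hash"]
    return prev == published_head, None

def rewrite_from(entries, index, new_record):
    """Model an insider who alters one record and re-hashes every later link so
    the chain is internally consistent; only the published head exposes it."""
    records = [dict(e["record"]) for e in entries]
    records[index] = new_record
    return chain_records(records)

if __name__ == "__main__":
    ledger = [{"seq": 1, "acct": "A", "amount": 100},  # constructed sample data
              {"seq": 2, "acct": "B", "amount": 250}, {"seq": 3, "acct": "A", "amount": -40}]
    chain = chain_records(ledger)
    published = chain[-1]["hash"]  # the value that would go into the newspaper ad
    print(verify_chain(chain, published))
    forged = rewrite_from(chain, 1, {"seq": 2, "acct": "B", "amount": 2500})
    print(verify_chain(forged, published))
```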

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com