[Cryptography] FW: IAB Statement on Internet Confidentiality

Bill Frantz frantz at pwpconsult.com
Mon Nov 17 16:14:56 EST 2014

On 11/17/14 at 8:54 PM, alex at alten.org wrote:

>3. You can't just add key management without dealing with 
>policy adjudication. And you can't adjudicate without a 
>(globally) scalable way to deal with the identity of humans and 
>programs.  How do we represent and store policy attributes and 
>rules? Is this beyond the purview of the IAB? If so, whom does 
>the IAB coordinate with?

While the identity of humans and their programs is important for 
audit trails, what is really needed for security is the 
authority of humans and programs. If you know who is making a 
request, you really don't know much. You still must make a 
decision to grant access or not, and you run a significant risk 
of confused deputies. <http://www.hpl.hp.com/techreports/2009/HPL-2009-30.pdf>

On the other hand, if you know the request is authorized, you 
can just honor it.

>And to do this we need some sort of Reference Monitor inside each OS.  How can we do this without hardware support?

Many operating systems, KeyKOS among them, have demonstrated the 
ability to provide "reference monitor" functionality with out 
special hardware support. KeyKOS used supervisor/problem modes 
and standard virtual memory protection. <http://www.cis.upenn.edu/~KeyKOS/agorics/KeyKos/keysafe/Keysafe.html>

Cheers - Bill

Bill Frantz        |"We used to quip that "password" is the most common
408-356-8506       | password. Now it's 'password1.' Who said 
users haven't
www.pwpconsult.com | learned anything about security?" -- Bruce Schneier

More information about the cryptography mailing list