Demo-security, Demos-secure-IT, trends in IT and global security
Hervé Falciani.
30th November 2015. In early December 2012, so precisely three years ago, “Vilerat”, a Foreign Service Information Management Officer assigned to the American consulate in Benghazi, Libya, was killed. “Vilerat” was his gamer name; he was a very prominent EVE gamer, “EVE Guild Wars” being the name of a famous online game. Sean Smith, as many government agents, was extensively using online games. Online games have become very valuable communication tools. They are one of the best camouflage techniques to hide from spying; as it was also revealed on November 13th, during the investigation of the terrorist attacks in Paris.
This camouflage technique is often called “hiding in plain sight”. We have to put in perspective the extent of the PlayStation network (that manages more than 110 millions users), in compare to the number of users of the Tor1 network, containing less than 10 thousands nodes. Therefore it is easier to identify and monitor Tor users than gamers, even knowing how easy it is to identify applications, through tremendous amount of connections, without deep packet inspection.
Preserving the confidentiality of your identity and traceability is the most important, much more than protecting access to the information…once information has been anonymized. When it comes to information and more precisely to Information Technology, security tends to be counter-intuitive. According to US statistics published for the year 2014, insiders were accounting for 46% of the cost resulting from electronic crimes damaging your organisation2. Insiders have granted accesses, and the appropriate credentials. To deceive and trap opponents, fake infrastructures (Honey Pots) are used among the real production ones. And now we also have templates, drafts and fake documents stored in Content Management Systems, designed for the same purpose. Especially in the media and intelligence fields, whatever notes and documents you may have, if the source is unknown, crosschecking could result ineffective to assess accuracy of documentation and lead to further investigation needs. The entire classification process depends a lot on the provenance of the information. As a result, the trend consists in preserving much more the classification information (the indexing) than the data.
That’s why are emerging new classes of access control systems. We had Access Control List, then Label Based Access Control or Role Based Access Control and now the most innovative, known as Trust-Based Access Control, is getting pace. Trust-based security model is based on two main pillars:
1. Cryptography, with Public Key Infrastructures (PKI)
2. Consensus in preference-approvals context, i.e. voting systems
In this trust-based context, the “crowd” grants the accesses to the services and is in charge of the quality of the offered services. Every member of the crowd could be both user and provider for the services and remain more and more responsible for the confidentiality of his private key only. Distributing among larger and larger community is the foundation of Internet infrastructure, meant to be resilient to attacks and failures, fostering resiliency of exchange as a trade-off to the lack of centralised control. Peer-to-peer is now the democratisation of decentralised activity, the democratisation of distributed computing. As an alternative to pay for a service, peer-to-peer is offering a way to support and use the service by supplying part of the effort. Transparency could be fine-grained and the news emphasise the need to preserve ourselves from hegemonic organisation, centralising our private information, like Facebook or Apple.
Finance itself is moving to distributed ledgers, applying the same principles than BitCoin: peer-to-peer and PKI.
The size of the community, its awareness and standardisation are the three factors insuring the efficiency of group consensus and provenance models. That’s why we can talk about demos(common people in Greek) and demos-security and say that demos-secure-IT is to come.
Notes:
1. https://www.torproject.org/: « Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy »
2. Source: 2014 US State of Cybercrime Survey,U.S. Secret Service, Software Engineering Institute CERT Program at Carnegie Mellon University and Price Waterhouse Cooper; Does not include respondents not aware of which activity was more damaging
