Security Lost and Recovered (2)

by CT on April 28, 2014

A “complete” security strategy can be understood if we adopt an “information-theoretical” point of view. To do so, it is useful to describe the approach in the same way as we would consider a business model.

A high level model of a business architecture shows the relationships between the participants, and the different functions and areas are shown organically. In any business model we have at the core a “flow” and a “counter-flow” of materials and messages, or –better said—an exchange of activities between the participating actors. A usual depiction of this is a diagram showing two major “flows,” one going from the business organisation towards its environment, and one from the environment to the organisation.

MESSAGES      —————————->

                          <————————— MESSAGES

MATERIALS   —————————->

                          <—————————- MATERIALS

DOCUMENTS —————————->

                         <—————————- DOCUMENTS

The first “flow” is composed of signals (messages), products, and documents. The “messages” are all types of communicative actions emitted by the organisation towards its different departments, (from the centre to the periphery) and then beyond to the environment (its market and other collaborating entities). The material “flow” is naturally the transport or delivery of products (commodities) towards the clients and partners, and the documents are basically the invoices, terms of contract and other commercial instruments which have to be conveyed and exchanged with the participants.

As a counterpart of these three “outgoing” sequences of actions, we can recognise messages, materials and documents “coming” towards and into the organisation. These “flows” are the orders and market demand information, the returns and repair-bound products, and the payments and transfers that come from the clients and partners.

This is certainly not either a detailed nor an original theory of business operations, but it shall serve us as a model of the ways an organisation interacts with its environment. The point is to understand how the incoming and outgoing sequences of activities (“flows”) are co-dependent and co-determined, or better: how the two directions of interaction enable and complement each other.

This type of correlated and dependent model is useful as a template for the Security interactions we can find between any organisation and its environment. All exchanges only happen in relation to other exchanges. So, for example, outgoing messages are dependent on incoming messages, and vice-versa. Incoming user access is enabled by outgoing processes or services, and –fundamentally—there is no “flow” of information that is not articulated by “bidirectional” interaction between actors inside and outside of the organisation.

How can we use this approach in terms of information-theoretical security? First we need to offer a picture of this concept, due to the fact that the predominant form of Security in the IT space is not of this kind, but is instead based on exploiting principles of “computational” complexity and “risk management.” The view adopted here is based on the work of Ueli Maurer and his collaborators. (See: Ueli Maurer, Pierre Schmid, “A Calculus for Security Bootstrapping in Distributed Systems,” 1994; and Ueli Maurer, “The role of information theory in cryptography,” 1993)

A Security system is information-theoretical secure when its properties hold even when the adversary has unlimited computing power. The system is secure because the adversary does not have enough information to break the encryption, i.e. to break the confidentiality of the exchanges and interfere with the authentic actors.

In the paper indicated above, Maurer and Schmid consider a calculus of channel security properties for the analysis and comparison of “protocols for establishing secure channels.”

With that goal in mind, they explain how the concept of trust is less understood than cryptography in the information security world and they proceed to address the relationship between cryptography and trust. The initialization of a messaging channel becomes relevant as it corresponds exactly to the establishment of trust through the security protocol. The key here is the “duality” between the authenticity of the participants in the Secure protocol, and the confidentiality of the exchange.

From this perspective, a digital signature scheme is interpreted as the dual of a symmetric cryptosystem; and a public key cryptosystem can be seen as the dual of a message authentication protocol. In a complete security environment we need both, but obviously this also calls for a complete understanding of these two determinations.

According to Maurer’s model, channels can have several levels of security, ranging from no security at all to implementing bidirectional authentication and confidentiality, and including the possible combinations between these two extremes (ensuring confidentiality but not authenticity, or providing authenticity but no confidentiality)

Mutual authentication and confidentiality of the communication is depicted as a double headed arrow:

A o<——–>o B

Where the symbol “o” represents the belief of the opposite entity that this party is authenticated.

The four simple possible modes are represented as follows:

A —–> B (no security)

A —–>o B (confidentiality with no authenticity)

A o —–> B (authenticity with no confidentiality

A o —–>o B (authenticity and confidentiality)

Maurer and Schmid add to this formalism a notation for time and delay — t/t’ and [t] –, so that in the end they are able to represent combinations of confidentiality, authenticity and availability of a communication channel.

In the second paper indicated above, Maurer elaborates the concept of “information theoretic security” showing how, in order to prove the security of a cryptographic system, it is necessary to make assumptions about the information that is available to the adversary, as well as the computing power that can be employed. Therefore, Maurer correctly suggests that “in order to avoid all possible arguments about the assumptions about the adversary’s information” it is convenient to assume that he or she has complete information about the design of the cryptosystem, and that he can receive all messages transmitted.

Assuming that the adversary has unbounded computational power “anticipates all arguments” about the models of computation and the estimates of the opponent’s power. As a consequence of this line of thinking, perfect security is possible only when a perfect cipher is used, i.e. when the key length is at least as long as the plaintext. In this Maurer just adheres to Shannon’s definition of “perfect security” presented in “Communication Theory of Secrecy Systems,” 1946.

Starting from these insights, it is possible to understand the important role of encryption and decryption, i.e. cryptographic protocols, but also to see that these mechanisms are only a small part of the Security model of any organisation. More precisely, cryptographic protocols appear as a “limit case” in communication processes, as procedures necessary when communication is selectively established and when this selectivity is enforced between participants.

While in the most restricted scenarios authentication and confidentiality are limited to two actors. In a wider set of possible interactions between individuals cryptography plays a subordinate role when some or a majority of interactions are not selective (i.e. when “access controls” and communication channels can be observed or even mediated by many participants.

If the reader has followed the argument up to this point, it will be clear that –strictly speaking– all forms of interaction are bidirectional, with or without selectivity, and that more restricted and selective forms of interactions are actually embedded in non-selective exchanges. This view completes the security space by making trust negotiation and enablement more relevant and setting it as a context of confidentiality-focused enforcement mechanisms. Cryptographic mediation is only one moment of the  Security context.

Be it that the parties ensure only authenticity or only confidentiality, or be it that the interaction is more complex, the activities involved are always bidirectional, for example during the establishment of the protocol itself, and the signals or tokens that represent the interactions. Different to Maurer views, the dominant view of cryptography tends to ignore the duality of trust and confidentiality in these scenarios. Encrypting communications is primarily seen as a way to hide information, based on maximising the entropy of the opponent, while at the same time all the aspects related to trust definition and establishment are pushed into the background.

A better approach is to see all levels of trust and confidentiality management (with or without encryption mechanisms) as forming the continuum of communication. A continuum that includes the opponent as well as the selected destination of the message. I like to see all security protocols as systems of communication with an unknown range of opponents, which have unbound computing power and can see the entirety of the exchange.

Doing so leads to a more complex landscape of Security mechanisms and also to a stronger Security strategy. Instead of focusing the management strategy on “information hiding” the emphasis is set on “information classification” and “selective trust allocation” calling for a higher number of levels of assurance and enforcement than those usually achieved with traditional methods.

This approach maximises the Information-Theoretic strength of Security arrangements by ensuring that those parties that are disallowed or have low assurance levels do not have “enough information” to interfere or understand the various communication channels.

By increasing the complexity, granularity and dynamic or the communication channels, this model protects information by ensuring an increase of informational entropy on the side of the opponents, while reducing this entropy for the selected targets of the message. A strong concept of data classification and governance is essential for this strategy.

Entropy transfer coupled with entropy reduction become the goal and the essence of protected communications. This can be also conceived as a mechanism of control by which the environment of the communication parties is defined, segmented and structured through the managed communication channels. As a whole, the communication systems are governed as control channels, both of the authorised and the disallowed parties.

Schematically, any communication mechanisms is conceived and driven as a many-to-many interaction, where the organisation (An) interfaces in a selective way with the opponents (Oo), the partners and clients (Ep) through different channels:

                  ¦<——Ep

An —–>¦

                  ¦<——Oo

Returning to the image presented at the start of this text with the description of business exchanges as a complex of bidirectional interactions between the organisation and its environment, we can visualise a model in which secure communications are just part of the wider organisation/environment “flows,” and where the effects of control provided by security mechanisms are embedded in the business processes of the organisation (which ultimately also are control interactions, given that the enterprise and its environment causally influence each other).

Information-theoretic security is much stronger than computational security, but also necessarily more complex than computational Security due to the fact that it requires managing the informational state of a variety of addressees and opponents. Information-theoretic security is also more complex because it is based on data classification, which is a goal that cannot be obtained without a conscious mobilisation of the business teams of the organisation.

Given this additional level of effort and complexity, it is tempting to fall back into simplifications and adopt technologies forgetting the fundamental laws of any complex system: a complex organisation and a complex environment cannot be controlled with a simple model. The model needs to be at least as complex as the system it represents, as was established many decades ago by Ross Ashby. (See: R. Ashby, “Introduction to Cybernetics,” 1956)

In the approach I propose here, encryption and secure communications must be seen as only one aspect of organisational reality, so that integral Security is not achieved by means of isolated technology deployments, but only by the joint management of trust and risk.

I have proposed a conceptual model showing how these aspects are related, and this is depicted in the diagram below. (See also: http://carlos-trigoso.com/fundamental-conceptions-of-information/)

image019

 

When viewing this conceptual diagram, it is useful to associate the four modalities of action mentioned in the previous section (http://carlos-trigoso.com/2014/04/26/security-lost-and-recovered-1/) , i.e. Person, Subject, Agent and Object, with the four “perspectives” : Verification, Definition, Allocation, and Enforcement –as each of the modes of action corresponds to a one of the aspects of Trust Management as we will see as we progress with this study.

Comments on this entry are closed.

Previous post:

Next post: