论文信息 - Toward Fail Safety for Security Decisions

Toward Fail Safety for Security Decisions

I was thinking about what I wanted to write about for my first editorial in IEEE Security & Privacy, when I came across this statement in the 2019 Application Security Risk Report by Micro Focus1 (free, but it requires registration): “Because people are prone to error, manual security tasks that can otherwise be automated are at risk of being done incorrectly.” While this is not a surprising statement in and of itself, it reminded me of the many ad hoc decisions being made by people in various roles in computing systems— from programmers to administrators to end users—that we require to be correct for a system to achieve security goals. I normally work and teach topics related to operating systems and software security, where we aim to build methods to detect and/or resolve security problems in current systems. As a result, our aim is to automate security decisions as much as is practical. However, with increasing frequency, we are running into cases where systems request manual security decisions, but these often complex and ad hoc decisions are being made by people with little guidance and essentially no safety net. While this may not be a surprise to people who work on usable security or social engineering, a question is this: How can researchers help systems avoid creating vulnerabilities resulting from such manual decisions?

Trent Jaeger

[1] Li Gong,et al. A secure identity-based capability system , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[2] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.

[3] Paul C. van Oorschot. Computer Security and the Internet: Tools and Jewels , 2020 .

[4] Yuqiong Sun,et al. EnTrust: Regulating Sensor Access by Cooperating Programs via Delegation Graphs , 2019, USENIX Security Symposium.

[5] Franziska Roesner,et al. Analysis of the Susceptibility of Smart Home Programming Interfaces to End User Error , 2019, 2019 IEEE Security and Privacy Workshops (SPW).

[6] Yuqiong Sun,et al. AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings , 2017, USENIX Security Symposium.

[7] P. G. Allen,et al. Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study , 2019 .

[8] Ninghui Li,et al. PolyScope: Multi-Policy Access Control Analysis to Triage Android Systems , 2020, ArXiv.

[9] Paul A. Karger,et al. An Augmented Capability Architecture to Support Lattice Security and Traceability of Access , 1984, 1984 IEEE Symposium on Security and Privacy.

[10] Dorothy E. Denning,et al. A lattice model of secure information flow , 1976, CACM.

[11] K. J. Bma. Integrity considerations for secure computer systems , 1977 .