COMPSEC '88

  • View
    216

  • Download
    0

Embed Size (px)

Text of COMPSEC '88

  • Vol. 11, No. 1, Page 21

    solutions, or where the hard-wired solution is uneconomic.

    So should we trust computers? Within limits, yes - but we do not know where those

    limits are, or whether many systems have already crossed the line. Although most

    current systems are adequately safe, and the major systems of highest criticality are almost

    certainly so, there are economic and marketing

    pressures which will lead to ever more complex systems in the future. The rate of

    growth in both the number and the complexity

    of safety-critical systems seems to be high,

    and urgent action is therefore needed to create a framework within which we can exploit the

    power of computers safely and economically.

    I believe that the proposals I have given would lead to such a framework, and I hope I

    have demonstrated that the ideas are worth further consideration.

    Martin Thomas

    Praxis Sys terns plc Bath, UK.

    CONFERENCE REPORT

    COMPSEC 88

    COMPSEC 88, the Fifth National Computer Security Conference, was held from

    11 to 13 October 1988 at the Sheraton Skyline Hotel, Heathrow, London. The first day was

    devoted to the British Computer Society (BCS) Annual Conference. I did not attend the BCS meetings, so I wont mention anything which happened on that day.

    The second and third days provided an interesting mix of speakers. From the list of

    speakers it was obvious that the organizers have made a conscious attempt to attract new speakers, especially from academia. This is to be applauded. Alongside the conference was an exhibition spread over two halls, with

    several new products on display. This was the first time COMPSEC had run an exhibition.

    The structure of the conference was organized on the lines of two parallel streams,

    each of which contained the same talks but in

    a different order. Therefore each of the speakers had to give their presentation twice.

    The streaming structure seemed to be rather

    forced upon the conference organizers by the

    layout of the rooms, but perhaps with a conference of this size, streaming is

    unavoidable.

    As well as the usual summaries of the

    state of play in various fields of security, I

    noticed a definite attempt to provide talks

    suitable for people new to data security. Such

    presentations were not particularly relevant for the delegates thoroughly versed in security,

    and some delegates commented upon this matter in general conversation. I believe such a view is short-sighted - introductory talks are vitally important for the future. They attract the

    interest of new people. Perhaps the level at which a talk is to be pitched should be clearly marked on the conference agenda.

    For me the outstanding talk was given by David Chaum from the Centre for Mathematics and Computer Science in the Netherlands,

    entitled Highly Secure but Untraceable Transactions. Indeed, this was one of the most fascinating presentations I have seen at a conference in a long time. Stripped to its

    bare bones, and I apologize to the author for my severe paraphrasing, the presentation described mathematical processes which

    facilitate a system of electronic cash which can

    operate securely without requiring the recipient of a payment (the shop) to be on-line to the organization providing the cash for the system (the bank).

    Each user would request that his bank securely transfer an amount of money to him in the form of computer digits. The user stores

    these, and transfers the required amount in the shop when he wishes to make a payment. The shop settles with the bank at some future

    o 1988 Elsevier Science Publishers Ltd., England. /88/$0.00 + 2.20

    COMPUTER FRAUD 81 No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any form or by any

    SECURITY BULLETIN means. electronic. mechanical, photocopying. recording or otherwise, without the prior permission of the publishers. (Readers in the U.S.A. -please see special regulations listed on back cover.)

  • Vol. 11, No. 1. PaQe 22

    date. This system has been developed at the very time when EFTPoS systems are being installed which connect shops on-line to the banking network so that payments can be securely validated in a timely manner. If secure settlement can be achieved with the

    shop communicating with the bank at a later time of the shops choice, what price EFTPoS systems? Think about it.

    Even if I were capable of completely keeping up with the intricate mathematics, this

    article is not the place to go into a detailed discussion of the means whereby such transfers take place not only in a very secure

    manner, but also untraceably. However, it should be explained in passing that the system

    acts very like physical cash, as the bank has no means of knowing exactly where an individual makes specific payments. If a user

    so chooses, he can reveal certain numbers to

    prove that he made a certain payment. Note

    that this is under the control of the user, not

    the shop or the bank.

    Although extremely thought-provoking, the

    subject matter of this presentation is new, and could have problems which only come to light after further scrutiny. Time will tell. Better people than I are no doubt looking at the

    mathematics to check that the process is secure within reasonable bounds.

    Other presentations that provoked further thought were:-

    Data security within the Financial industry from Henry Beker of Racal Guardata which discussed an actual implementation of a world-wide banking system, and the security choices made during its implementation. Many of these were constrained on the grounds of cost. The talk stressed the need to keep security in perspective. Both fraud and security cost money - the aim must be to draw a balance minimizing fraud costs totalled with the extra money spent on security systems. I could not agree more.

    Standards of Security from Wyn Price of the UK National Physical Laboratory. A

    Q 1988 Elsevier Science Publishers Ltd., England. /88/$0.00 + 2.20

    COMPUTER FRAUD & No part of this publication may be reproduced, stored in a rctricval system. or transmitted by any form or by any

    SECURITY BULLETIN means. electronic. mechanical, photocopying, recording or otherwise. without the prior permission of the publishers. (Readers in the U.S.A.-please see special regulations listed on back cover.)

    presentation about the ISO, ANSI and BSI standards which are already extant (or soon will be) in the field of security. This is an important area. If computer systems are to communicate globally in a secure manner, it is imperative that they talk to each other in the same way. Standards are the best way of achieving this. Conversely as a personal opinion, I would venture that an incomprehensible or difficult to achieve standard is worse than not having a standard in the first place. The work on getting standards correct is important.

    Transputers and Security from Denis Nicole of the University of Southampton. This talk outlined the possibilities of transputer technology but left me pondering the reasons for its relative lack of success. This is a shame as the technical possibilities of the transputer seem to have got lost amongst the past financial problems of Inmos, the move to Thorn EMl,and the relatively high cost of each transputer chip. I just wonder whether if other companies had been concerned in the marketing and development, we would have had high-power building blocks such as the transputer available for a few pounds each.

    Lastly, COMPSEC 88 also included a

    play. Indeed a play specifically about data security, hacking and banks called The

    Hacker and the Malevolent Employee. The cast did a good job of presenting an intriguing story of people getting into financial difficulties, being offered a way out using fraudulent transactions, and implementing a series of payments which concluded with f 1 million in

    various Swiss banks. The most thought-provoking points were that it was

    relatively easy to carry out the fraud, and that people were easily drawn into it even though

    they had no previous intentions in this direction. In the end many people were responsible. Everybody has their price, I

    suppose, and the bank was the one that ended up paying this price. The play was written, acted and presented in a most professional manner.