Can Highly Secure Computing Defeat Cybercrime?
Cyber-Security Is Based on a Health Model
The EastWest Institute report claims that cyber-security is incorrectly based on the public health model of education, monitoring, epidemiology, immunization and incident response, but this model does not safeguard systems, even against petty criminals.
Many Prefer a Military Model
A military model is based on “active defense,” meaning “hack back and deter.” But massive surveillance goes with it, which upsets the public, is destabilizing, and can escalate.
Critique of Active Defense
Active defense profiles and retaliates against attackers, who are identified from forensic traces left in networks and at the points where attacks occur. Active defense also includes preemptive hacking of foreign IT environments, of both adversaries and allies, which can be provocative. The goal: threaten, discourage, or deter hackers.
Yet, Exposing Identity No Longer Deters
China's APT-1 group, a military cyber-espionage unit, hardly bothered to disguise itself and did not seem to care about covering its tracks, according to the report.
Ripe Time For Preventive High-Security IT
The report asks, “Why not get the basic technology secured so no one can attack strategically critical systems in devastating ways in the first place?”
Defining Highly Secure Computing
Highly Secure Computing (HSC) accepts that it is not possible to construct totally secure computing systems and admits that they can only be “highly secure.” But being highly secure would greatly reduce the need for active defense and surveillance. This new paradigm matches the actual threat, whereas military active defense is more dangerous than helpful, according to the report.
Fundamental Elements of HSC
Widely deploying unconventional ideas spawned in research laboratories could permanently solve much of the cyber-security problem, the report says. These ideas include architectural redesign, data flows, minimal complexity, language and reducing network dependency.
Architectural Redesign
Von Neumann architecture does not distinguish between data and programs, so attackers feed a computer data that it ends up executing as instructions, altering the program's behaviour and thereby installing an attack. The EastWest report advocates the Harvard architecture, which keeps data and executable code in separate memories and makes such attacks more difficult.
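To make the distinction concrete, here is a pair of toy machines added as an illustration; this is not code from the report or from any real architecture, and the opcodes, word encoding and memory layout are all constructed for the example. Both machines run the same three-word program (copy an input record into a buffer with no length check, emit a status word, halt). On the unified-memory machine an over-long record lands on top of the program and changes what it emits; on the split-memory machine the same record can only reach data memory, so the overrun faults instead of becoming code.

```python
"""Toy von Neumann vs Harvard machines (constructed illustration).

The defect in the shared program is the unchecked COPY; the difference
between the machines is where the excess words land.
"""

COPY, EMIT, HALT = 1, 2, 3          # constructed opcodes


def encode(op, arg=0):
    """One memory word: opcode in bits 8-15, operand in bits 0-7."""
    return (op << 8) | (arg & 0xFF)


def decode(word):
    return word >> 8, word & 0xFF


# Program: COPY input -> address 0, EMIT 7 (meaning "all good"), HALT.
PROGRAM = [encode(COPY, 0), encode(EMIT, 7), encode(HALT)]
BUF_SIZE = 4                        # words reserved for the input record


def _step(fetch, store, output, pc, input_words):
    """Execute the instruction at pc; return the next pc, or None on HALT."""
    op, arg = decode(fetch(pc))
    if op == COPY:
        for i, w in enumerate(input_words):   # no bounds check, on purpose
            store(arg + i, w)
    elif op == EMIT:
        output.append(arg)
    elif op == HALT:
        return None
    else:
        raise RuntimeError(f"illegal instruction {op} at {pc}")
    return pc + 1


def run_von_neumann(input_words):
    """Single address space: buffer at 0..BUF_SIZE-1, program right after it."""
    mem = [0] * BUF_SIZE + list(PROGRAM)
    pc, out = BUF_SIZE, []

    def store(addr, word):
        mem[addr] = word                      # can land anywhere, code included

    while pc is not None:
        pc = _step(lambda a: mem[a], store, out, pc, input_words)
    return "halted", out


def run_harvard(input_words):
    """Split address spaces: a store can only ever reach data memory."""
    code, data = list(PROGRAM), [0] * BUF_SIZE
    pc, out = 0, []

    def store(addr, word):
        if addr >= len(data):                 # the data bus does not reach code
            raise IndexError("store outside data memory")
        data[addr] = word

    try:
        while pc is not None:
            pc = _step(lambda a: code[a], store, out, pc, input_words)
    except IndexError:
        return "fault", out
    return "halted", out


# Constructed inputs: a well-formed 4-word record, and an over-long one whose
# tail happens to decode as EMIT 99 when interpreted as an instruction.
GOOD_RECORD = [10, 20, 30, 40]
LONG_RECORD = GOOD_RECORD + [0, encode(EMIT, 99)]

if __name__ == "__main__":
    for name, rec in (("good", GOOD_RECORD), ("long", LONG_RECORD)):
        print(name, "von Neumann:", run_von_neumann(rec),
              "Harvard:", run_harvard(rec))
```

With the good record both machines halt and emit 7. With the long record the von Neumann machine halts and emits 99, because the sixth input word overwrote the EMIT instruction; the Harvard machine faults on the fifth word and emits nothing, since there is no address in its data space that aliases code.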
Data Flows
Disallow flow of legitimate activity from one IT environment to another, making it harder for an attacker to navigate inside the system. OSs would not execute different kinds of code in different functional segments.
Minimal Complexity
Reduce computational complexity with microkernels. Today's OSs have tens of millions of lines of exploitable code, whereas a system of only 10,000 lines can be checked rigorously.
Language
As with spoken language, the same expression can mean different things in computer languages. Attacks on computer networks intentionally cause divergent interpretations. The report recommends reducing language complexity and expressiveness to reduce misinterpretation.
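The following example is added here to show the divergence the report describes and why a smaller, stricter grammar removes it; it is not code from the report, and the record format (`key=value` fields separated by `;`) and the two consumers are constructed for the illustration. Two tolerant parsers of the same format disagree on duplicated or differently cased keys, so an input accepted by both can mean two different things. A strict parser with a deliberately small grammar rejects every such input, which guarantees that anything it accepts is read the same way by both consumers.

```python
"""Divergent interpretation of one record format (constructed illustration).

Format: `key=value` fields separated by ';'.  Two lenient consumers and one
strict parser over the same text.
"""
import re


def lenient_first_wins(text):
    """Consumer A: tolerant split, keys lower-cased, first occurrence wins."""
    out = {}
    for field in text.split(";"):
        if "=" not in field:
            continue                      # silently skip junk
        key, value = field.split("=", 1)
        out.setdefault(key.strip().lower(), value.strip())
    return out


def lenient_last_wins(text):
    """Consumer B: same format, keys case-sensitive, last occurrence wins."""
    out = {}
    for field in text.split(";"):
        if "=" not in field:
            continue
        key, value = field.split("=", 1)
        out[key.strip()] = value.strip()
    return out


# Minimal grammar: lowercase key, alphanumeric value, nothing else.
FIELD = re.compile(r"[a-z][a-z0-9]*=[a-z0-9]*")


def strict_parse(text):
    """Reject anything outside the grammar, including repeated keys,
    whitespace, empty fields and mixed case.  Raises ValueError."""
    out = {}
    for field in text.split(";"):
        if not FIELD.fullmatch(field):
            raise ValueError(f"malformed field {field!r}")
        key, value = field.split("=", 1)
        if key in out:
            raise ValueError(f"repeated key {key!r}")
        out[key] = value
    return out


def strict_accepts(text):
    try:
        strict_parse(text)
        return True
    except ValueError:
        return False


def consumers_agree(text):
    """True when both lenient consumers derive the same meaning."""
    return lenient_first_wins(text) == lenient_last_wins(text)


# Constructed inputs: one unambiguous record, two that the lenient consumers
# read differently.
CLEAN = "role=user;id=42"
DUPLICATE = "role=user;role=admin"
MIXED_CASE = "role=user;Role=admin"

if __name__ == "__main__":
    for rec in (CLEAN, DUPLICATE, MIXED_CASE):
        print(f"{rec!r}: A={lenient_first_wins(rec)} B={lenient_last_wins(rec)}"
              f" agree={consumers_agree(rec)} strict_accepts={strict_accepts(rec)}")
```

On the duplicated record consumer A sees `role=user` and consumer B sees `role=admin`; on the mixed-case record A folds both keys into one while B keeps two. The strict parser rejects both records and accepts only the clean one, on which the consumers already agree. Reducing expressiveness (no case folding, no whitespace, no repetition) is what closes the gap, not extra checks layered on the lenient parsers.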
Reduce Network Dependency
Disconnect whatever does not have to be reachable through large external networks, such as power plants and production facilities, thereby minimizing the scale of the risks.