column

The epistemology of computer security

Published: 03 December 2009

Abstract

This paper studies computer security from first principles. The basic questions "Why?", "How do we know what we know?" and "What are the implications of what we believe?"

References

[1]
Adee, Sally, "The Hunt for the Kill Switch", IEEE Spectrum, Vol. 45, No. 5, May 2008 http://www.spectrum.ieee.org/semiconductors/design/the-hunt-for-the-kill-switch
[2]
Anderson, Emory A., Cynthia E. Irvine, Roger R. Schell, "Subversion as a Threat in Information Warfare", Journal of Information Warfare, Space and Naval Warfare (SPAWAR) SC Vol. 3. No. 2, pp 51--64, June 2004. http://cisr.nps.edu/downloads/04paper_subversion.pdf (Exhibits a "hall of mirrors" mindset).
[3]
Anderson, Ross, "On the Limits of Steganography", IEEE Journal of Selected Areas in Communications, Vol. 16, No. 4, May 1998, PP 474--481. http://www.cl.cam.ac.uk/~rja14/Papers/jsac98-limsteg.pdf
[4]
Anderson, Ross, Security Engineering, Wiley, 2008.
[5]
Bell, David Elliot, "Looking Back at the Bell-La Padula Model", Proceedings of the 21st Annual Computer Security Applications Conference, pp 337--351. http://www.acsac.org/2005/papers/Bell.pdf
[6]
Bell, David Elliot, "Looking Back: Addendum", 22nd Annual Computer Security Applications Conference, Miami, FL, December, 2006. http://www.selfless-security.org/presentations/Bell_LBA.pdf
[7]
Berg, Michael, "Advanced Malware Trends", Information and Cyberspace Symposium, September 22 - 24, 2008 http://usacac.army.mil/CAC2/CEW/repository/presentations/6_%20ICS-2008-SNL-Berg.pdf
[8]
Bishop, Matt, Computer Security, Addison Wesley, 2003.
[9]
Bishop, Matt, Helen Armstrong, "Uncovering Assumptions in Information Security", Proceedings of the Fourth World Conference on Information Security Education, May 18 2005, pp. 223--231. http://nob.cs.ucdavis.edu/bishop/papers/2005-wise4/
[10]
Bishop, Matt, "Who Owns Your Computer", IEEE Security and Privacy, Volume 4, Issue 2, Mar.-Apr. 2006, pp. 61--63.
[11]
Bishop, Matt, "About Penetration Testing", IEEE Security and Privacy, Volume 5, Issue 6, Nov.-Dec. 2007, pp. 84--87.
[12]
Bishop, Matt, Sophie Engel, Sean Peisert, Sean Whalen, Carrie Gates, "We Have Met the Enemy and He is Us", Proceedings of the 2008 New Security Paradigms Workshop (NSPW), September 2008. http://www.cs.ucdavis.edu/~peisert/research/2008-NSPW-Insider-BEGPW.pdf (An attempt to model free will, so as to securely constrain it)
[13]
Bishop, Matt, Sophie Engel, Sean Peisert, Sean Whalen, Carrie Gates, "Case Studies of an Insider Framework", HICSS, pp. 1--10, 42nd Hawaii International Conference on System Sciences, 2009. http://www.cs.ucdavis.edu/~peisert/research/2009-BEGPW-HICSS-Insider.pdf
[14]
Boebert, William E., Robert Y. Kain, "A Further Note on the Confinement Problem", Security Technology, 30th Annual 1996 International Carnahan Conference, 2-4 Oct 1996, pp. 198--202.
[15]
Boebert, Earl, "Some Thoughts on the Occasion of the NSA Linux Release", Linux Journal, Jan 24, 2004 http://www.linuxjournal.com/print/4963
[16]
Borges, Jorge Luis, "The Analytical Language of John Wilkins", Jorge Luis Borges, Other inquisitions 1937-1952, translator Ruth C. L. Simms, Texas Press, 1993. http://www.alamut.com/subj/artiface/language/johnWilkins.html ("It is clear that there is no classification of the Universe not being arbitrary and full of conjectures. The reason for this is very simple: we do not know what thing the universe is.")
[17]
Broad, William J., "U.S. Releases Secret List of Nuclear Sites Accidentally", The New York Times, June 3, 2009. http://www.nytimes.com/2009/06/03/us/03nuke.html?ref=global-home http://www.fas.org/nuke/guide/usa/sites.pdf
[18]
Cappelli, Dawn M., Randall F. Trzeciak, "Best Practices For Mitigating Insider Threat: Lessons Learned From 250 Cases", RSA Conferences 2009. http://www.cert.org/archive/pdf/RSA-CERT-InsiderThreat.pdf
[19]
Chan, Ellick M., Jeffrey C. Carlyle, Francis M. David, Reza Farivar, Roy H. Campbell, "BootJacker: Compromising Computers using Forced Restarts", Conference on Computer and Communications Security (CCS'08), ACM October 2008, pp. 555--564.
[20]
Cohen, Fred, "Experiments with Computer Viruses", 1984. http://all.net/books/virus/part5.html (The very first computer virus experiment.)
[21]
Cohen, Fred, "Current Best Practice Against Computer Viruses", 1991. Proceedings. 25th Annual 1991 IEEE International Carnahan Conference on Security Technology, Oct 1-3 1991 pp. 261--270 (Why isn't this referenced more often?)
[22]
Coram, Robert, Boyd: The Fighter Pilot Who Changed The Art of War, Back Bay Books, 2002 http://www.belisarius.com/modern_business_strategy/boyd/destruction/destruction_and_creation.htm
[23]
David, Francis M., Ellick M. Chan, Jeffrey C. Carlyle, Roy H. Campbell, "Cloaker: Hardware Supported Rootkit Concealment", Proceedings of the 2008 IEEE Symposium on Security and Privacy, 2008, pp. 296--310.
[24]
Deibert, Ronald, et al., "Tracking GhostNet: Investigating a Cyber Espionage Network", Information Warfare Monitor, Munk Centre, JR02-2009, March 29, 2009. http://www.infowar-monitor.net/ghostnet http://cryptome.org/ghostnet.zip
[25]
Denning, Dorothy E., "The Limits of Formal Security Models", National Computer Systems Security Award Acceptance Speech, Oct 18, 1999. www.cs.georgetown.edu/~denning/infosec/award.html
[26]
Drew, Christopher, John Markoff, "Cyberwar: Contractors Vie for Plum Work, Hacking for U.S.", The New York Times, May 31, 2009. http://www.nytimes.com/2009/05/31/us/31cyber.html
[27]
EFF Staff, "Unintended Consequences: Ten Years under the DMCA", Electronic Frontier Foundation, October 2008. http://www.eff.org/wp/unintended-consequences-ten-years-under-dmca
[28]
Butler, Ricky W., George B. Fanelli, "The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software", IEEE Transactions on Software Engineering, Vol. 19, No. 1, January 1993.
[29]
Halderman, J. Alex, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, Edward W. Felten, "Lest We Remember: Cold-Boot Attacks on Encryption Keys", CACM Vol. 52, No. 5, May 2009 pp. 91--98.
[30]
Harris, Sidney, "I think you should be more explicit here in step two", American Scientist, 1977. http://www.sciencecartoonsplus.com/gallery.php
[31]
Harrison, Michael A., Walter L. Ruzzo, Jeffrey D. Ullman, "Protection in Operating Systems", CACM, Vol. 19, No. 8., 1976.
[32]
Karger, Paul, Roger R. Schell, "Thirty Years Later: Lessons from the Multics Security Evaluation", Computer Security Applications Conference, 2002. Proceedings. pp 119--126. http://www.acsac.org/2002/papers/classic-multics.pdf (See {64}. Fundamental security is a matter of will; as such it can only come about through politics.)
[33]
Kilgannon, Corey, Noam Cohen, "Cadets Trade the Trenches for Firewalls", New York Times, May 11, 2009, p. A1. http://www.nytimes.com/2009/05/11/technology/11cybergames.html?_r=1
[34]
King, Samuel T., Peter M. Chen, Yi-Min Wang, Chad Verbowski, Helen J. Wang, Jacob R. Lorch, "SubVirt: implementing malware with virtual machines", IEEE Symposium on Security and Privacy, May 21-24, 2006.
[35]
King, Samuel T., Joseph Tucek, Anthony Cozzie, Chris Grier, Weihang Jiang, Yuanyuan Zhou, "Designing and implementing malicious hardware", Proceedings of the First USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), April 2008. http://www.usenix.org/event/leet08/tech/full_papers/king/king.pdf
[36]
Kohn, Alexander, "Principles and Methods of Obscurantism", CA: A Cancer Journal for Clinicians, Vol. 20, No. 6, 1970, pp 360--364. http://caonline.amcancersoc.org/cgi/reprint/20/6/360.pdf
[37]
Landau M., R. Stout Jr., "To Manage is Not to Control: or the Folly of Type II Errors", Public Administration Review, March/April 1979, pp 148--156.
[38]
Littlewood, Bev, Sarah Brocklehurst, Norman Fenton, Peter Mellor, Stella Page, David Wright, John Dobson, John Mcdermid, Dieter Gollmann, "Towards Operational Measures of Computer Security", Journal of Computer Security, Vol. 2, 1993, pp. 211--229. http://www.csr.city.ac.uk/people/bev.littlewood/bl_public_papers/Measurement_of_security/Quantitative_security.pdf
[39]
Littlewood, Bev, Lorenzo Strigini, "Validation of ultrahigh dependability for software-based systems", Communications of the ACM, 1993 Vol. 36, pp. 69--80. (One could make the argument that after this citation, there may be nothing left to add on software reliability.)
[40]
Loscocco, Peter A., Stephen D. Smalley, Patrick A. Muckelbauer, Ruth C. Taylor, S. Jeff Turner, John F. Farrell, "The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments", Proceedings of the 21st National Information Systems Security Conference, 1998. http://www.cs.utah.edu/flux/fluke/html/inevitability.htm (Dinosaur thinking, not without consequences. Trusted platforms are a modern reclaiming of the Orange Book's Trusted Path {40}.)
[41]
Mackenzie, Donald, Mechanizing Proof, MIT Press, 2001.
[42]
Markoff, John, "Thieves Winning Online War, Maybe in Your PC", The New York Times, December 6, 2008 http://www.nytimes.com/2008/12/06/technology/internet/06security.html?_r=1&partner=rss
[43]
Markoff, John, "Vast spy system loots computers in 103 countries, researchers say", Sunday Boston Globe, March 29, 2009 http://www.boston.com/news/world/asia/articles/2009/03/29/vast_spy_system_loots_computers_in_103_countries_researchers_say/
[44]
McLean, John, "A Comment on the 'Basic Security Theorem' of Bell and LaPadula", Information Processing Letters, Vol. 20, 1985, pp. 67--70.
[45]
Pfleeger, Charles P., Shari Lawrence Pfleeger, Security In Computing, Prentice Hall, 2007.
[46]
Provos, Niels, Moheeb Abu Rajab, Panayiotis Mavrommatis, "Cybercrime 2.0: When the Cloud Turns Dark", CACM Vol 53, No. 4, April 2009.
[47]
Quist, Danny, Valsmith, "Covert Debugging: Circumventing Software Armoring Techniques", Black Hat USA, 2007. http://mwdl.offensivecomputing.net/bhusa2007/dquist-valsmith-covert-debugging-paper.pdf
[48]
Robin, John Scott, Cynthia E. Irvine, "Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor", Proceedings of the 9th USENIX Security Symposium, Denver, CO, August 2000. http://www.cs.nps.navy.mil/people/faculty/irvine/publications/2000/VMM-usenix00-0611.pdf
[49]
Roiter, Neil, "Intel Trusted Execution Technology is flawed, Black Hat researchers show", Information Security, Feb 18, 2009. http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1348472,00.html
[50]
Rolden, Raul, Inez Miyamoto, Tini Leon, "FBI Criminal Investigation: Cisco Routers", FBI, January 11, 2008 http://www.donkeyonawaffle.org/OMB%20briefing%202008%2001%2011%20a.ppt
[51]
Rowe, Neil C., "A Taxonomy of Deception in Cyberspace", International Conference in Information Warfare and Security, Princess Anne, MD, March 2006. http://faculty.nps.edu/ncrowe/rowe_iciw06.htm
[52]
Rutkowska, Joanna, "Introducing Stealth Malware Taxonomy", COSEINC Advanced Malware lab, Version 1.01, November 2006 http://www.invisiblethings.org/papers/malware-taxonomy.pdf
[53]
Rutkowska, Joanna, "Beyond the CPU: Defeating Hardware Based RAM Acquisition", Black Hat DC 2007, Feb. 28, 2007 http://www.blackhat.com/presentations/bh-dc-07/Rutkowska/Presentation/bh-dc-07-Rutkowska-up.pdf
[54]
Rutkowska, Joanna, "Thoughts about Trusted Computing", Invisible Things Lab, EuSecWest May 27-28, 2009 http://invisiblethingslab.com/resources/misc09/trusted_computing_thoughts.pdf
[55]
Saltzer, J.H., Reed, D.P., Clark, D.D., "End-to-end Arguments in System Design", ACM Transactions on Computer Systems (TOCS), Vol. 2, No. 4, November 1984, pp. 277--288. http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf
[56]
Schaefer, Robert, "The Grand Theory of Everything: What Man-Made Systems Are, and Why They Fail", ACM SIGSOFT Software Engineering Notes, Volume 32, Number 4, July 2007.
[57]
Schaefer, Robert, "Software Maturity: Design as Dark Art", ACM SIGSOFT Software Engineering Notes, Vol. 34, No. 1, January 2009.
[58]
Schneier, Bruce, "CRYPTO-GRAM", March 15, 2009 (See the section "Insiders".) http://www.schneier.com/crypto-gram-0903.html#4
[59]
Seuss, Dr., The Sneetches and Other Stories, Random House, 1961.
[60]
Sibert, Olin W., "Malicious Data and Computer Security", Proceedings of the 19th National Information Systems Security Conference, 1996 http://csrc.nist.gov/nissc/1996/papers/NISSC96/paper048/MALDATA.PDF (Quote: "Software developers are responsible for blurring the distinction between programs and data" - Von Neumann is rolling in his grave.).
[61]
Spafford, Eugene H., "Privacy and Security: Answering the Wrong Questions is no Answer", CACM, Vol. 52, No. 6, June 2009.
[62]
Staff, "Common Criteria Evaluation and Validation Scheme Validation Report", National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme, BAE Systems Information Technology, LLC XTS-400 / STOP 6.1.E, CCEVS-VR-05 0094, 1 March 2005 http://www.niap-ccevs.org/cc-scheme/st/ST_VID3012-VR.pdf
[63]
Stove, David, "What is Wrong with Our Thoughts?", The Plato Cult and Other Philosophical Follies, Ch. 7, Blackwell, 1991 http://web.maths.unsw.edu.au/~jim/wrongthoughts.html
[64]
Summit, Steve, "Retrospective Karger/Schell paper on Multics Security Evaluation", Forum on Risks to the Public in Computers and Related Systems ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator, Vol. 22, No. 5, Sept. 23, 2002 http://catless.ncl.ac.uk/Risks/22.25.html#subj5
[65]
Talbot, David, "Dissent Made Safer", MIT Technology Review, May/June 2009. http://www.technologyreview.com/computing/22427/
[66]
Thompson, Ken, "Reflections on Trusting Trust", CACM, August 1984, pp. 761--763.
[67]
Tzu, Sun, The Art of War, Trans. Thomas Cleary, Shambala, July 2003.
[68]
Wadlow, Thomas, Vlad Gorelik, "Security in the Browser", CACM, Vol.52, No. 5, May 2009.
[69]
Weissman, Clark, "Blacker: Security for the DDN", Proceedings Research in Security and Privacy, 1992, IEEE Computer Society Symposium on Research and Privacy, May 4-6 1992, pp. 286--292.
[70]
Wikipedia Contributors, "Biba Model", Wikipedia, The Free Encyclopedia, November 8, 2008 http://en.wikipedia.org/wiki/Biba_Model
[71]
Wikipedia Contributors, "Celestial Emporium of Benevolent Knowledge's Taxonomy", Wikipedia, The Free Encyclopedia, December 14, 2008 http://en.wikipedia.org/wiki/Celestial_Emporium_of_Benevolent_Recognition (References referenced by this reference indicate many ways of misunderstanding. See the non-abridged version: {16}).
[72]
Wikipedia Contributors, "Charles Sanders Peirce", Wikipedia, The Free Encyclopedia, May 9, 2009. http://en.wikipedia.org/wiki/Charles_Peirce
[73]
Wikipedia Contributors, "Honeypot (computing)", Wikipedia, The Free Encyclopedia, June 9, 2009. http://en.wikipedia.org/wiki/Honeypot_(computing)
[74]
Wikipedia Contributors, "Ladder (Go)", Wikipedia, The Free Encyclopedia, June 4, 2009. http://en.wikipedia.org/wiki/Ladder_(Go)
[75]
Wikipedia Contributors, "Multilevel security", Wikipedia, The Free Encyclopedia, April 2, 2009. http://en.wikipedia.org/wiki/Multilevel_security
[76]
Wikipedia Contributors, "NATO bombing of the People's Republic of China embassy in Belgrade", Wikipedia, The Free Encyclopedia, June 4, 2009 http://en.wikipedia.org/wiki/NATO_bombing_of_the_Chinese_embassy_in_Belgrade
[77]
Wikipedia Contributors, "OODA Loop", Wikipedia, The Free Encyclopedia, April 22, 2009. http://en.wikipedia.org/wiki/OODA_Loop
[78]
Wikipedia Contributors, "Rootkit", Wikipedia, The Free Encyclopedia, May 27, 2009 http://en.wikipedia.org/wiki/Rootkit
[79]
Wikipedia Contributors, "Saul_Alinsky", Wikipedia, The Free Encyclopedia, May 23, 2009. http://en.wikipedia.org/wiki/Saul_Alinsky
[80]
Wikipedia Contributors, "2005 Sony BMG CD copy protection scandal", Wikipedia, The Free Encyclopedia, April 16, 2009 http://en.wikipedia.org/wiki/2005_Sony_BMG_CD_copy_protection_scandal
[81]
Wikipedia Contributors, "Storm botnet", Wikipedia, The Free Encyclopedia, May 13, 2009. http://en.wikipedia.org/wiki/Storm_botnet
[82]
Wohlstetter, Albert, Nuclear Heuristics: Selected Writings of Albert and Roberta Wohlstetter, Eds Robert Zarate, Henry D. Sokolski, Strategic Studies Institute, January 26, 2009 http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubid=893 (Also see http://www.pirp.harvard.edu/pubs_pdf/lipscom/lipscom-p79-3.pdf).
[83]
Xu, J., B. Randell, A. Romanovsky, "A Generic Approach to Structuring and Implementing Complex Fault-Tolerant Software", Proceedings of the 5th IEEE International Symposium on Object-Oriented Real-Time Distributed Computing (ISORC 2002), Washington DC, USA, April-May 2002 pp. 207--214.
[84]
Yodaiken, Victor, "A short note on secure operating systems, Linux, and the Common Criteria", FSMLabs, Undated http://www.yodaiken.com/papers/wrongthreats.pdf

Cited By

  • (2018) On Malfunction, Mechanisms and Malware Classification. Philosophy & Technology. 10.1007/s13347-018-0334-2. Online publication date: 12-Nov-2018
  • (2015) Mobile Phone Usage by Low Literate Users. Proceedings of the 7th Indian Conference on Human-Computer Interaction. 10.1145/2835966.2835968 (10-18). Online publication date: 17-Dec-2015
  • (2012) Point-and-shoot security design. Proceedings of the 2012 New Security Paradigms Workshop. 10.1145/2413296.2413300 (27-42). Online publication date: 18-Sep-2012


Published In

ACM SIGSOFT Software Engineering Notes, Volume 34, Issue 6
November 2009
115 pages
ISSN: 0163-5948
DOI: 10.1145/1640162

Publisher

Association for Computing Machinery

New York, NY, United States
