Susan Lauber - INLS187 - Fall 2004
The secure transfer of information is already an important topic for many people. Companies wish to allow employees access to information without allowing corporate spies to access the information. Customers expect access to certain information to be available to them but at the same time expect privacy of their personal information. Publications made available in electronic form may still fall under copyright protections and a publisher or author wants to ensure that the document is used in an appropriate manner.
Over the next few years, I expect a dramatic growth in wireless networking and several issues need to be addressed for this to work. There are technical challenges, interface challenges, and security challenges to be investigated.
First, there are some technical challenges. Telecommunications has provided a network for phone and Internet access through those phones. PDAs have also expanded to double as phones, with Internet access from anywhere, even as a person moves from one place to another. However, bandwidth is likely to become an issue for these phone connections, just as it has for the home user over the past few years. Also, what will happen with other computers, including laptops? Most laptops are now sold with built-in WiFi, but this technology is still usually used in connection with fixed access points. War driving may find additional available points, but in general, it is not a seamless process to drive around changing from one network segment to another the way that cell phones are designed to. Several years ago I worked on a network where the WiFi would switch access points and IP addresses with few drops. This was all in one company though, with a lot of distributed authentication using Kerberos tokens. What will it take for all the WiFi providers to work together and let a user have one provider and move across any of the networks? Today you need an account with one company, such as T-Mobile, to work in the airport and Starbucks, and another, such as Boingo or an independent vendor, to work in the hotel room.
The interface challenges are already being addressed. There are many applications that are now available on small screen devices. There are style sheets associated with web pages that adapt the output according to the screen type that is being used. There are academic studies on designing for small screen devices. A search in the ACM digital library on “small screen devices” obtains 200 hits, as does a search for “mobile Internet”. Results include the RSVP Browser, which uses Rapid Serial Visual Presentation (RSVP) for navigation information when browsing. Another suggestion is a collapse-to-zoom exploration strategy.
As the technology expands and the interfaces improve, security also needs to be addressed. How will we handle connection authentication? Will there be far more spoofing as there are more mobile users? What about the integrity of data transfers as a device switches from one network segment to another? Will transaction error checking need to change? Will cryptographic signing of data be the answer to both authenticity and integrity? How will Digital Rights Management (DRM) grow as more information exists only in electronic form? What is the balance point between making sure that data gets updated in a timely manner, by using PDAs for recording patient records in a hospital, and keeping that data secure and meeting HIPAA regulations?
Encryption has been the answer to many information security concerns. An all-too-common thought is that if the data is encrypted, we can pass it around wireless networks without worry. Public and private key pairs can be used to ensure that only the intended recipient can open a message or document. Encrypting everything, however, is not really feasible. How will we control the distribution and trust of the public keys? Some capabilities are built into mail programs such as Lotus Notes, but much is still too manual a process for the general public. How will we handle information retrieval with a language that is not understood? An encrypted file is garbage to an IR system. Signing a document can be used to verify the authenticity of the sender or author. This will help with Digital Rights Management as far as authenticity and origin, but does not control distribution in any way. These encryption tools appear helpful for current point-to-point transfers of materials. They do not, however, handle all the security needs of access control.
Traditional security has relied on Discretionary Access Control (DAC), where the owner of the object sets the permissions for access to the object. This has been extended in some part to the use of Mandatory Access Control (MAC), which is required for the US Government TCSEC B1 certification. MAC requires a system-wide policy that cannot be changed by the users. Both of these methods restrict the release of information but not the propagation of information. The most recent answer has been Role Based Access Control (RBAC), which was introduced in the early 1990s. Users are assigned roles in the organization, and operations, including file access or fields in a database, are also assigned roles.
The RBAC standard was accepted by ANSI/INCITS in February of 2004 and is being incorporated into several commercial applications. There is RBAC in database applications and some web applications. It is also needed in operating systems and is already being incorporated into Security Enhanced Linux (SELinux). I expect it to continue to grow in popularity over the next few years.
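The role assignment described above, as an added example that is not part of the original essay or of the ANSI/INCITS standard text: users map to roles, and operations on database fields map to roles. All user names, role names and record fields are constructed for illustration, and the per-session `active_roles` subset is an assumption added here to show least privilege.

```python
# Added illustration of RBAC: users get roles, operations on objects get roles.
# Every user, role and field name below is constructed for this example.
USER_ROLES = {
    "alice": {"nurse"},
    "bob": {"billing_clerk"},
    "carol": {"physician", "nurse"},
}

# A permission is (operation, object); objects here are patient-record fields.
ROLE_PERMISSIONS = {
    "nurse": {("read", "name"), ("read", "vitals"), ("write", "vitals")},
    "physician": {("read", "name"), ("read", "vitals"),
                  ("read", "diagnosis"), ("write", "diagnosis")},
    "billing_clerk": {("read", "name"), ("read", "insurance_id")},
}

def permissions_for(user, active_roles=None):
    """Union of permissions over the roles the user activates in a session."""
    assigned = USER_ROLES.get(user, set())
    # A session can only activate roles the user was actually assigned.
    roles = assigned if active_roles is None else assigned & set(active_roles)
    perms = set()
    for role in roles:
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms

def is_allowed(user, operation, obj, active_roles=None):
    # Default deny: anything not granted through a role is refused.
    return (operation, obj) in permissions_for(user, active_roles)

def read_record(user, record, active_roles=None):
    """Return only the fields that the user's roles may read."""
    return {field: value for field, value in record.items()
            if is_allowed(user, "read", field, active_roles)}

def write_field(user, record, field, value, active_roles=None):
    if not is_allowed(user, "write", field, active_roles):
        raise PermissionError(f"{user} may not write {field}")
    record[field] = value

# Constructed sample record.
RECORD = {"name": "J. Doe", "vitals": "120/80", "diagnosis": "flu",
          "insurance_id": "X-0000"}
```

Permissions are never attached to a user directly, so changing someone's job means editing one entry in `USER_ROLES` rather than every object's permission list.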
The next step may be to encode access control into the object itself. This would be particularly popular for digital rights management. A document can be passed around the Internet from system to system and user to user and still be read only. No modifications can be made to the object at all. Cryptographic signing only shows that a change has been made, not who or when or where. It also does not prevent a change to an object. Digital rights management may also want to include more “time-bombs” in objects. For instance, DVD movies that are not playable after a period of time, or software that knows it has been installed and forces payment for a new license when installed an additional time. How about an object that can only be forwarded to a maximum number of systems or users? A publisher knows that 500 copies of a book were published and that any copies beyond that are pirated. Will we ever be able to track the number of copies of an electronic object?
The IEEE Journal on Selected Areas in Communications contains an article about “Language Based Information Flow Security”. The authors discuss how a system must have end-to-end security. They use a security-typed language and also mention semantic-based security models. Java is an example of a language with some built-in security. It does not, however, control information flow. I expect we will see more developments for security at this level as well in the near future.
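The gap between restricting release and restricting propagation, as an added example that is not code from the essay or from the cited article: a DAC check passes once and the copy escapes, while a label carried with the value blocks the same flow. It is a runtime simplification that tracks explicit flows only, not the static security-typed languages the article covers, and all file names, users and labels are constructed.

```python
# Added illustration: DAC gates the read, while labels follow the data.
# Two-point lattice LOW < HIGH; every name here is constructed.
from dataclasses import dataclass

LOW, HIGH = 0, 1

@dataclass(frozen=True)
class Labeled:
    value: str
    label: int = LOW

    def __add__(self, other):
        # Derived data is at least as secret as every input (lattice join).
        other = other if isinstance(other, Labeled) else Labeled(str(other))
        return Labeled(self.value + other.value, max(self.label, other.label))

class FlowError(Exception):
    """Raised when data would flow to a channel below its label."""

# DAC: the owner's permission is checked once, at read time.
ACL = {"salaries.txt": {"alice"}}
FILES = {"salaries.txt": "bob=50000"}

def dac_read(user, name):
    if user not in ACL.get(name, set()):
        raise PermissionError(f"{user} denied on {name}")
    return FILES[name]  # a plain string: the protection ends here

def dac_copy(user, src, dst, readers):
    # Anyone allowed to read can create a copy with whatever ACL they choose.
    FILES[dst] = dac_read(user, src)
    ACL[dst] = set(readers)

def send(channel_level, data):
    """Release data on a channel unless it is more secret than the channel."""
    if data.label > channel_level:
        raise FlowError("HIGH data cannot flow to a LOW channel")
    return data.value

def demo():
    dac_copy("alice", "salaries.txt", "notes.txt", {"alice", "bob"})
    leaked = dac_read("bob", "notes.txt")  # allowed: DAC lost track of the copy
    report = Labeled("summary: ") + Labeled(FILES["salaries.txt"], HIGH)
    try:
        send(LOW, report)
        blocked = False
    except FlowError:
        blocked = True
    return leaked, report.label, blocked
```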
Sources:
O. de Bruijn, R. Spence, M. Y. Chong. “RSVP Browser: Web Browsing on Small Screen Devices”. Personal and Ubiquitous Computing, Volume 6 Issue 4, January 2002
Patrick Baudisch, Xing Xie, Chong Wang, Wei-Ying Ma. “Manipulating space: Collapse-to-zoom: viewing web pages on small screen devices by interactively removing irrelevant content”. Proceedings of the 17th annual ACM symposium on User interface software and technology. October 2004.
http://www.wi-fihotspotlist.com/
"An Introduction to Role Based Access Control" NIST CSL Bulletin on RBAC. December, 1995. http://csrc.nist.gov/rbac/NIST-ITL-RBAC-bulletin.html
Sabelfeld, Andrei and Andrew C. Myers. “Language Based Information Flow Security”. IEEE Journal on Selected Areas in Communications, Vol. 21, No. 1, January 2003