DARPA Wants Research into Resilient Anonymous Communications
DARPA is funding research into resilient anonymous communications systems.
Entries Tagged "resilience"
Page 1 of 4
The Digital Security Exchange Is Live
Last year I wrote about the Digital Security Exchange. The project is live:
The DSX works to strengthen the digital resilience of U.S. civil society groups by improving their understanding and mitigation of online threats.
We do this by pairing civil society and social sector organizations with credible and trustworthy digital security experts and trainers who can help them keep their data and networks safe from exposure, exploitation, and attack. We are committed to working with community-based organizations, legal and journalistic organizations, civil rights advocates, local and national organizers, and public and high-profile figures who are working to advance social, racial, political, and economic justice in our communities and our world.
If you are either an organization who needs help, or an expert who can provide help, visit their website.
Note: I am on their advisory committee.
Buzzword Watch: Prosilience
Summer Fowler at CMU has invented a new word: prosilience:
I propose that we build operationally PROSILIENT organizations. If operational resilience, as we like to say, is risk management “all grown up,” then prosilience is resilience with consciousness of environment, self-awareness, and the capacity to evolve. It is not about being able to operate through disruption, it is about anticipating disruption and adapting before it even occurs—a proactive version of resilience. Nascent prosilient capabilities include exercises (tabletop or technical) that simulate how organizations would respond to a scenario. The goal, however, is to automate, expand, and perform continuous exercises based on real-world indicators rather than on scenarios.
I have long been a big fan of resilience as a security concept, and the property we should be aiming for. I’m not sure prosilience buys me anything new, but this is my first encounter with this new buzzword. It would certainly make for a best-selling business-book title.
Security vs. Business Flexibility
This article demonstrates that security is less important than functionality.
When asked about their preference if they needed to choose between IT security and business flexibility, 71 percent of respondents said that security should be equally or more important than business flexibility.
But show them the money and things change, when the same people were asked if they would take the risk of a potential security threat in order to achieve the biggest deal of their life, 69 percent of respondents say they would take the risk.
The reactions I’ve read call this a sad commentary on security, but I think it’s a perfectly reasonable result. Security is important, but when there’s an immediate conflicting requirement, security takes a back seat. I don’t think this is a problem of security literacy, or of awareness, or of training. It’s a consequence of our natural proclivity to take risks when the rewards are great.
Given the option, I would choose the security threat, too.
In the IT world, we need to recognize this reality. We need to build security that’s flexible and adaptable, that can respond to and mitigate security breaches, and can maintain security even in the face of business executives who would deliberately bypass security protection measures to achieve the biggest deal of their lives.
This essay previously appeared on Resilient Systems’s blog.
Peter Neumann Profile
Really nice profile in the New York Times. It includes a discussion of the Clean Slate program:
Run by Dr. Howard Shrobe, an M.I.T. computer scientist who is now a Darpa program manager, the effort began with a premise: If the computer industry got a do-over, what should it do differently?
The program includes two separate but related efforts: Crash, for Clean-Slate Design of Resilient Adaptive Secure Hosts; and MRC, for Mission-Oriented Resilient Clouds. The idea is to reconsider computing entirely, from the silicon wafers on which circuits are etched to the application programs run by users, as well as services that are placing more private and personal data in remote data centers.
Clean Slate is financing research to explore how to design computer systems that are less vulnerable to computer intruders and recover more readily once securityis breached.
Stopping Terrorism
Nice essay on the futility of trying to prevent another 9/11:
“Never again.” It is as simplistic as it is absurd. It is as vague as it is damaging. No two words have provided so little meaning or context; no catchphrase has so warped policy discussions that it has permanently confused the public’s understanding of homeland security. It convinced us that invulnerability was a possibility.
The notion that policies should focus almost exclusively on preventing the next attack has also masked an ideological battle within homeland-security policy circles between “never again” and its antithesis, commonly referred to as “shit happens” but in polite company known as “resiliency.” The debate isn’t often discussed this way, and not simply because of the bad language. Time has not only eased the pain of that day, but there have also been no significant attacks. “Never again” has so infiltrated public discourse that to even acknowledge a trend away from prevention is considered risky, un-American. Americans don’t do “Keep Calm and Carry On.” But if they really want security, the kind of security that is sustainable and realistic, then they are going to have to.
There’s a lot of good material in this essay.
And on a related topic, an essay and commentary on overhyping the threat of terrorism at the London Olympics.
Preventive vs. Reactive Security
This is kind of a rambling essay on the need to spend more on infrastructure, but I was struck by this paragraph:
Here’s a news flash: There are some events that no society can afford to be prepared for to the extent that we have come to expect. Some quite natural events—hurricanes, earthquakes, tsunamis, derechos—have such unimaginable power that the destruction they wreak will always take days, or weeks, or months to fix. No society can afford to harden the infrastructure that supports it to make that infrastructure immune to such destructive forces.
Add terrorism to that list and it sounds like something I would say. Sometimes it makes more sense to spend money on mitigation than it does to spend it on prevention.
On Soft Targets
Stratfor has an interesting article.
Resilience
There was a conference on resilience (highlights here, and complete videos here) earlier this year. Here’s an interview with professor Sander van der Leeuw on the topic. Although he never mentions security, it’s all about security.
Any system, whether it’s the financial system, the environmental system, or something else, is always subject to all kinds of pressures. If it can withstand those pressures without really changing its behavior, then it’s robust. When a system can’t withstand them anymore but can deal with them by integrating some changes so the pressures fall off and it can keep going, then it’s resilient. If it comes to the point where the only choices are to make fundamental structural changes or to cease existence, then it becomes vulnerable.
And:
I’ve worked a lot on the end of the Roman Empire. Let’s go back to sometime before the end. The Roman Empire expands all around the Mediterranean and becomes very, very big. It can do that because wherever it goes, it finds and then takes away existing treasure that has been accumulated over the centuries before. That treasure pays for the army, it pays for the administration, it pays for everything. But there’s a certain moment, beginning in the third century, when there is no more treasure to be had. The empire has already taken in all of the civilized world. At that point, to maintain its administration and military and feed its poor, it must depend basically on the annual yield of agriculture, or the actual product of solar energy. At the same time, the empire becomes less attractive because it has less to offer, because it has less extra energy. So now it has to deal with all kinds of unrest, and ultimately, the energy that it has available for its administration is no longer sufficient to maintain the empire. So between the third century and the fifth century, the empire has to make changes. That is the period when it adapts its behavior to all kinds of pressures. That is the resilience period. At the end of that period, when it is no longer able to maintain that, it quickly becomes vulnerable and falls apart.
And here’s sort of a counter-argument, that resilience in national security is overrated:
But it can go wrong. Rebuilding a community that sits in a flood zone shows plenty of resilience but less wisdom. American Idol contestants who have no singing ability but compete year after year are resilient—and delusional. Winston Churchill once joked that success is the ability to go from failure to failure without losing your enthusiasm. But there is a fine line between perseverance and stupidity. Sometimes it is better to give up and pursue a different course than continuing down the same failing path in the face of adversity.
The potential problems are particularly acute in foreign affairs, where effective resilience requires a tireless effort to adapt to changes in the threat environment. In the world of national security, bad things don’t just happen. Thinking, scheming people cause them. Allies and adversaries are constantly devising new ways to serve their own interests and gain advantage. Each player’s move generates countermoves, unintended consequences, and unforeseen ripple effects. Forging an alliance with one insurgent group alienates another. Hardening some terrorist targets leaves others more vulnerable. Supporting today’s freedom fighters could be arming tomorrow’s enemies. Effective resilience in this realm is not just bouncing back and trying again. It is bouncing back, closing the weaknesses that got you there in the first place, and trying things differently the next time. Adaptation is key. A country’s resilience hinges on being able to adapt to continuously changing threats in the world.
Honestly, this essay doesn’t make much sense to me. Yes, resilience can be done badly. Yes, relying solely on reslience can be sub-optimal. But that doesn’t make resilience bad, or even overrated.
EDITED TO ADD (7/14): Paper on resilience and control systems.
When Investigation Fails to Prevent Terrorism
I’ve long advocated investigation, intelligence, and emergency response as the places where we can most usefully spend our counterterrorism dollars. Here’s an example where that didn’t work:
Starting in April 1991, three FBI agents posed as members of an invented racist militia group called the Veterans Aryan Movement. According to their cover story, VAM members robbed armored cars, using the proceeds to buy weapons and support racist extremism. The lead agent was a Vietnam veteran with a background in narcotics, using the alias Dave Rossi.
Code-named PATCON, for “Patriot-conspiracy,” the investigation would last more than two years, crossing state and organizational lines in search of intelligence on the so-called Patriot movement, the label applied to a wildly diverse collection of racist, ultra-libertarian, right-wing and/or pro-gun activists and extremists who, over the years, have found common cause in their suspicion and fear of the federal government.
The undercover agents met some of the most infamous names in the movement, but their work never led to a single arrest. When McVeigh walked through the middle of the investigation in 1993, he went unnoticed.
The whole article is worth reading.
Sidebar photo of Bruce Schneier by Joe MacInnis.