1 / 12

Cyber-Resiliency, Time, and Surveillance: Thoughts and Insights

In this insightful article, Peter Swire discusses the concept of cyber-resiliency, the role of time in resilience, and the intersection of resilience and surveillance. He explores examples of resilient and non-resilient systems, the variation of resilience among populations, and the relationship between surveillance and resilience. Swire also examines the benefits and costs of surveillance in terms of resilience and the impact on the political system.

jimd
Download Presentation

Cyber-Resiliency, Time, and Surveillance: Thoughts and Insights

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Some Thoughts on Cyber-Resiliency, Time, and Surveillance Peter Swire Huang Professor of Law and Ethics Georgia Institute of Technology NAS/NRC Forum on Cyber-Resiliency April 6, 2015

  2. Overview • My initial thoughts when Lynette Millett and Fred Schneider asked: • My favorite example of resilient vs. non-resilient • Resilience is a function of time • Resilience is often unevenly distributed across sub-populations • Thoughts on the intersection of resilience and surveillance

  3. 1. My favorite example of resilientvs. non-resilient • Credit cards • Very resilient; if fraud, cancel and new card almost immediately; some loss during time before cards are canceled • Even more resilient if one-time number (Apple Pay goal), so theft of database creates zero value • Biometrics • Horribly un-resilient • If they get your fingerprint, can’t get a new finger • Database of fingerprints (DNA, retina scans, etc.) thus a perfect example of un-resilient: the credentials are copyable and compromised for millions, with no ready way to use fingerprints reliably for those people

  4. 2. Resilience as a Function of Time • When t -> ∞ • Keynes: “In the long run, we are all dead.” • Swire: “In the long run, all systems are resilient.” • True unless immortality or destruction of all human endeavors • When t -> 0 • The bad thing happens • It is too soon to bounce back • Perhaps others here have a different definition of resiliency, but my common sense is that the typical question is “how resilient over what period of time”

  5. 3. Resilience and Variation Among Populations • In a monoculture world, the speed and quality of resilience is quite similar across the population • In most real systems, by contrast, the speed and quality of resilience will vary • Distribution of and variation in resilience are thus often crucial • Consider the willingness to trust online commerce after a breach – how will the resilience of trust vary across demographics and other populations? • Current example – how much have your views of the US government (and the US tech sector) returned to pre-Snowden levels? Answer about the resilience of trust is highly variable. That is super-important if dealing with the new skeptic.

  6. Thus, Resilience is Not a Yes/No Function • Misleading to say “the system is resilient” or “it is not” • Resilience is a function of time • Roman Empire to Dark Ages to Renaissance, about 1200 years • Resilience varies across populations • Italy, England/Flanders, Russia had Renaissance in different centuries • The fingerprint example • Time - fingerprints useful again in a generation, when have new fingerprints • Fingerprints useful for the sub-population whose fingerprints were not compromised

  7. Part 2: Resilience and Surveillance • What is the relationship between resilience and surveillance? • Upon initial reflection (at least for me) was not obvious • My friends who are good in math • Turn a new and hard problem into a familiar and solved problem • What problem in surveillance can guide our understanding of resilience?

  8. Proposal: Lessons from the Crypto Wars • Surveillance roughly means more knowledge by a powerful agency • If [insert your favorite 3-letter agency here] knows more-or-less everything, is that good or bad for [stopping crime and terrorism] or [making the system resilient]?

  9. The Claimed Benefits of Surveillance • In crypto wars, law enforcement and national security agencies want more access to data: • Detect, catch, and deter “bad guys” • Analogy to resiliency: • When the breach happens,forensics to detect what happened, attribute the attack, and thus learn how to remediate • Block and deter follow-up attacks • Disaster recovery – if a private database is destroyed, surveillance agencies can use their data to help reconstruct

  10. The Claimed Costs of Surveillance • Critiques of weak crypto: • Agency database of keys can become single point of failure – the bad guys get that, they learn everything • If “good” governments have the keys, then “bad” governments will get them (and their criminal friends) • Civil liberties – dangerous to let the government have that data • Analogy to resilience • Agency database can become single point of failure (all the data is breached) • If “good” governments surveil, then easier for “bad” governments • Resilience of the political system – stop surveillance before the secret police get too powerful

  11. Summary on Crypto and Resilience • Analogy of crypto wars to resilience • Surveillance improves resilience: Benefits of more knowledge when the surveillance data is helpful in responding to attacks • Surveillance reduces resilience: Costs of more knowledge when the surveillance data facilitates attacks or impedes response to attacks • Resilience and the political system • Worries in the crypto wars that agencies undermine political system • Worries about resilience of the political system if surveillance goes too far

  12. In Conclusion • My themes: • Big potential harms from non-resilient systems (fingerprints) • Resilience is a function of time • Distributional aspects -- resilience varies among sub-populations • Resilience is thus not a Yes/No attribute • For surveillance, consider the new problem (resilience) based on our understanding of a familiar problem (the crypto wars) • A great pleasure to think about problems in this new framework – “resiliency” • A creative opportunity – not usually easy to fit fingerprints, the Renaissance, and Keynes into a short talk • I look forward to the many other creative approaches we will develop in this Forum

More Related