
2002 - The Year Security Changed

Trustworthy Computing was born on an ordinary Tuesday afternoon in January 2002. Security at Microsoft was about to change drastically, with its front-line commander, Bill Gates, telling his troops about his plans. It all started with an email:

From: Bill Gates
Sent: Tuesday, January 15, 2002 5:22 PM
To: Microsoft and Subsidiaries: All FTE
Subject: Trustworthy computing 


The internet was under heavy attack from viruses, worms and other malicious programs such as Code Red, Nimda, and LoveLetter. They were about to face a new enemy: Trustworthy Computing.

[0001] What is Trustworthy Computing?


Bill Gates introduced Trustworthy Computing by sending an e-mail to more than 50,000 Microsoft employees, a defining moment for both the company's future and the industry. It is an approach to computer software and hardware aimed at enabling security, reliability, privacy and business integrity. In his email, Gates states one of the primary reasons for pushing the project forward:

"In the past, we've made our software and services more compelling for users by adding new features and functionality, and by making our platform richly extensible. We've done a terrific job at that, but all those great features won't matter unless customers trust our software." - Bill Gates, 2002

Trustworthy Computing introduced a new mindset for the software and hardware business: a conscious choice between adding features and resolving security issues. Creating a Trustworthy Computing environment requires several steps, which can be challenging and slow.

[0010] The Four Pillars of Trustworthy Computing

When Microsoft first introduced the concept of Trustworthy Computing, it specified four core areas on which to build the idea: Security, Privacy, Reliability, and Business Integrity.

Security




"Information Security - the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats" - National Information Systems Security Glossary

Information security covers many aspects of protecting data, no matter what form it takes (databases, credentials, sensitive records, etc.). It is crucial that companies learn how to manage the vulnerabilities found in their systems, software or hardware products, and how to properly protect their data. This pillar of Trustworthy Computing depends heavily on the three widely accepted elements of information security: Confidentiality, Integrity, and Availability.

Privacy




"Privacy - a) the quality or state of being apart from company or observation b) freedom from unauthorized intrusion" - Merriam-Webster

Microsoft made privacy the second pillar of Trustworthy Computing. The internet has always been the target of many threats: spam, hackers, malware, unwanted pop-ups. Lack of privacy created a lot of concern back in 2002 about personal information being shared insecurely on the internet. PrivacyRights.org lists some of the concerns on the topic:

  1. Hackers penetrating the most secure facilities of the military and financial institutions.
  2. Identity thieves are able to shop online anonymously using the credit identities of others.
  3. Web-based information brokers sell sensitive personal information, including Social Security numbers.

Privacy is important for computer users, and one target of this pillar is making them feel empowered by the tools and computing products, such as software, when it comes to protecting their personal information. Microsoft helped create and contributed to privacy standards and policies that were widely used by other industry organizations and governments.

Reliability 



"Reliability is an attribute of any computer-related component (software, hardware, or a network, for example) that consistently performs according to its specifications." - Margaret Rouse, 2005

In the security world, reliability is nothing new. Microsoft, however, presented a new approach by redefining reliability as one of the four core areas of Trustworthy Computing. Microsoft "believes it means being a reliable business partner, maintaining an open dialogue with our customers and industry partners, and seeking feedback about how we can improve our software and services" (Powers 2005). It introduced six key attributes for a reliable system, including Resilient, Recoverable, Controlled, Undisruptable, and Predictable.

Bill Gates explains in his email the importance of Microsoft's systems being available to its customers: "Our products should always be available when our customers need them." System outages were common, and Microsoft decided to focus on changing its software architecture to support automatic recovery. Today, self-managing systems are everywhere, allowing service to resume without user interaction in almost every case.

Business Integrity


"In looking for people to hire, you look for three qualities: integrity, intelligence, and energy. And, if they don't have the first, the other two will kill you." – Warren Buffett

Microsoft's fourth pillar of Trustworthy Computing is business integrity. It heavily relies on two things:

  • Be responsive
  • Be transparent

Bill Gates believed that everyone should be responsible for their actions: take responsibility for problems and take action to correct them. People are afraid to take responsibility for mistakes, especially within a large corporation. However, lack of communication and responsibility can result in a larger loss.

He also believed that his employees should be transparent: be open in dealing with customers, keep motives clear, keep promises, and make sure customers know where they stand in dealing with the company.

[0011] Implementing Trustworthy Computing

The Business Aspect


The term Trustworthy Computing has been applied to computing systems that are inherently secure, available, and reliable. Conducting a Security Risk Assessment allows a company to assess security-related risks from internal and external threats to the entity, its assets, or its personnel. Based on the core idea of Trustworthy Computing, a business should be able to identify the people and assets at risk, prioritizing the assets that support its primary goal. It should understand the loss events, that is, be aware of the threats that could occur, such as a DDoS attack or an insider threat, and the impact of those events: whether a threat would have only a minor impact on the business, or could keep the business from functioning for a long period of time. It should then weigh the options for mitigation and the feasibility of implementing them on the vulnerable systems, such as ensuring that every computer in the company is protected by some type of anti-malware software.

It is also important to have a Security Policy. At its core, a Security Policy defines what it means for a system to be secure: it outlines what needs to be done to ensure security, but not how to do it. This brings another important step, the enforcement of Security Policies. For example, if a written policy states that a password must be changed every 30 days, then all systems should be configured to enforce this policy automatically. Last but not least, employees must be educated about the importance of security, so that they understand how crucial security is for their environment and are motivated to follow security policies.
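To make the gap between a written policy and an enforced one concrete, here is an added audit script (not from the original post) that reads accounts in /etc/shadow format, reports those whose maximum password age is unset or longer than the 30-day policy, and prints the chage(1) command that would enforce it. The shadow entries are constructed sample data with placeholder hashes.

```shell
#!/bin/sh
# Constructed sample in /etc/shadow format:
#   name:hash:lastchange:min_days:max_days:warn:inactive:expire:reserved
# The hashes are placeholders, not real credentials.
SHADOW_SAMPLE='root:$6$PLACEHOLDER:19700:0:99999:7:::
alice:$6$PLACEHOLDER:19700:0:30:7:::
bob:$6$PLACEHOLDER:19700:0::7:::
svc_backup:!:19700:0:99999:7:::
daemon:*:19700:0:99999:7:::'

POLICY_MAX_DAYS=30

# noncompliant_accounts SHADOW_TEXT MAX_DAYS
# Prints one username per line for every account that has a usable password
# hash but whose maximum password age (field 5) is empty or exceeds MAX_DAYS.
# Locked accounts (hash starting with ! or *) cannot log in with a password,
# so the rotation policy does not apply to them.
noncompliant_accounts() {
    printf '%s\n' "$1" | awk -F: -v max="$2" '
        $2 ~ /^[!*]/ { next }
        ($5 == "" || $5 + 0 > max) { print $1 }
    '
}

# remediation_for USER MAX_DAYS
# Prints the chage(1) command that would bring USER into compliance.
# It is printed, not executed, so the script stays a read-only audit.
remediation_for() {
    printf 'chage -M %s %s\n' "$2" "$1"
}

# Audit the sample and show what automatic enforcement would look like.
for user in $(noncompliant_accounts "$SHADOW_SAMPLE" "$POLICY_MAX_DAYS"); do
    echo "NONCOMPLIANT: $user (max password age unset or > $POLICY_MAX_DAYS days)"
    echo "  fix: $(remediation_for "$user" "$POLICY_MAX_DAYS")"
done
```

On a real host, run it as root and pass the live file instead of the sample: `noncompliant_accounts "$(cat /etc/shadow)" 30`.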

Resources

https://searchsecurity.techtarget.com/opinion/Trustworthy-computing-Dont-compromise-security-for-convenience
https://www.wired.com/2002/01/bill-gates-trustworthy-computing/
https://www.giac.org/paper/gsec/4243/pillars-trustworthy-computing-displayed-patch-management/106837
https://en.wikipedia.org/wiki/Trustworthy_computing
https://www.merriam-webster.com/dictionary/privacy
https://cybersecurity.seas.wustl.edu/ning/teaching/F19cse569s/paper/BootstrappingTrustBook.pdf
