End-To-End Trust: We want your Feedback

  • Article

You probably saw my blog post on End-To-End Trust last week. This week at RSA Craig Mundie, Microsoft's Chief Research and Strategy Officer, talked about our ideas and views on this topic. In parallel, we announced the availability of a Whitepaper on End-To-End Trust by Scott Charney, our Vice President Trustworthy Computing. This whitepaper sets out a framework for industry discussion.

Why is trust on the Internet a challenge?

Well, the Internet has certain attributes criminals love:

  • It is global
  • It is more or less anonymous
  • It is extremely hard to trace somebody back to the individual
  • There are valuable targets

So, it is clear that crime will stay in this extremely valuable environment.

What is the new challenge?

When we started Trustworthy Computing, the attacks were on the lower layers of the stack. They were against the Operating System. Fixing the problems in the different Operating Systems requires working with a few selected vendors as there are not too many in this field. If you look at the effort it took to get where we are today and you multiply this by the number of application vendors, you will see the complexity of making the applications secure – not even talking of the user!

As the OS has become harder, and as attackers' motivation shifted from a desire to show off and prove themselves more clever than the Operating System provider to a desire to steal instead, the attacks moved up the stack. Today the Operating System is not the key target anymore; it is the applications and the users. So, we need not only a trusted Operating System but a trusted stack from the hardware to the user.

This is actually not new but – to my knowledge – nobody ever tried to frame that concretely.

What is needed?

In our opinion a public dialogue as cybercrime is an issue that affects all of us. The challenge with the problems stated above is that these are not engineering problems only. We, being an engineering company, tend to throw technology at a problem until it is solved. But this problem is not solely about technology. It is much, much more. It is about social, political, economical, and technological issues. Better engineering can address vulnerabilities in software code, but it can't do much about vulnerabilities in human nature which criminals exploit to propagate lottey scams for example nor can it address challenges in policy ad legislation. Personally I am convinced that we need to look at this much more broadly. This is proven by the fact that a lot of discussions I have with analysts, journalists, and customers often end up in a pretty high-level discussion about what the society wants and needs.

To be clear: This is a public debate which is needed. We can kick it off. We can provide technology, guidance, and architecture on how to solve engineering problems. We can implement certain processes decided upon. But we cannot do it alone.

Take a look at the whitepaper Scott published at RSA. It lays out five areas of discussion:

  • Identifiers
  • Authentication
  • Authorization Policies
  • Access Control Mechanisms
  • Audit

Pretty straight forward, isn't it. The key challenge in my opinion is, that different companies work on point solutions and we (the industry) need an encompassing approach – including the society, the policy, and the customers.

Finally, I stated that we need a trusted stack from the hardware to the people to the data – mainly:

  1. Trusted Devices: It is clear that the trust has to be bound to hardware!
  2. Trusted OS
  3. Trusted Applications
  4. Trusted People
  5. Trusted Data

The details are in the paper.

So, what is new?

New are the framework and the overarching approach covering all the aspects. We do not provide the silver bullet and the final solution. But the paper raises questions and options. One of the things I keep telling my customers is that the worst thing they can do is not taking a decision. If you have two options and you do not decide directly, the decision is taken for you – by the system. But you do not really have control over it.

If we are not having this public debate, this is going to happen with us. Therefore, it might not be all new but very important!

What do we want?

Your time (to read the paper), your feedback. As I said: It is not us telling the industry what you all have to do but we want to open the debate and give it a framework. On our website there is an option to give us feedback or you can add a comment here.

I am looking forward to this debate

Roger