Presentation is loading. Please wait.

Presentation is loading. Please wait.

Some Thoughts on Cyber-Resiliency, Time, and Surveillance Peter Swire Huang Professor of Law and Ethics Georgia Institute of Technology NAS/NRC Forum on.

Similar presentations


Presentation on theme: "Some Thoughts on Cyber-Resiliency, Time, and Surveillance Peter Swire Huang Professor of Law and Ethics Georgia Institute of Technology NAS/NRC Forum on."— Presentation transcript:

1 Some Thoughts on Cyber-Resiliency, Time, and Surveillance Peter Swire Huang Professor of Law and Ethics Georgia Institute of Technology NAS/NRC Forum on Cyber-Resiliency April 6, 2015

2 Overview 1.My initial thoughts when Lynette Millett and Fred Schneider asked: 1.My favorite example of resilient vs. non-resilient 2.Resilience is a function of time 3.Resilience is often unevenly distributed across sub- populations 2.Thoughts on the intersection of resilience and surveillance

3 1. My favorite example of resilient vs. non-resilient  Credit cards  Very resilient; if fraud, cancel and new card almost immediately; some loss during time before cards are canceled  Even more resilient if one-time number (Apple Pay goal), so theft of database creates zero value  Biometrics  Horribly un-resilient  If they get your fingerprint, can’t get a new finger  Database of fingerprints (DNA, retina scans, etc.) thus a perfect example of un-resilient: the credentials are copyable and compromised for millions, with no ready way to use fingerprints reliably for those people

4 2. Resilience as a Function of Time  When t -> ∞  Keynes: “In the long run, we are all dead.”  Swire: “In the long run, all systems are resilient.”  True unless immortality or destruction of all human endeavors  When t -> 0  The bad thing happens  It is too soon to bounce back  Perhaps others here have a different definition of resiliency, but my common sense is that the typical question is “how resilient over what period of time”

5 3. Resilience and Variation Among Populations  In a monoculture world, the speed and quality of resilience is quite similar across the population  In most real systems, by contrast, the speed and quality of resilience will vary  Distribution of and variation in resilience are thus often crucial  Consider the willingness to trust online commerce after a breach – how will the resilience of trust vary across demographics and other populations?  Current example – how much have your views of the US government (and the US tech sector) returned to pre-Snowden levels? Answer about the resilience of trust is highly variable. That is super-important if dealing with the new skeptic.

6 Thus, Resilience is Not a Yes/No Function  Misleading to say “the system is resilient” or “it is not”  Resilience is a function of time  Roman Empire to Dark Ages to Renaissance, about 1200 years  Resilience varies across populations  Italy, England/Flanders, Russia had Renaissance in different centuries  The fingerprint example  Time - fingerprints useful again in a generation, when have new fingerprints  Fingerprints useful for the sub-population whose fingerprints were not compromised

7 Part 2: Resilience and Surveillance  What is the relationship between resilience and surveillance?  Upon initial reflection (at least for me) was not obvious  My friends who are good in math  Turn a new and hard problem into a familiar and solved problem  What problem in surveillance can guide our understanding of resilience?

8 Proposal: Lessons from the Crypto Wars  Surveillance roughly means more knowledge by a powerful agency  If [insert your favorite 3-letter agency here] knows more-or-less everything, is that good or bad for [stopping crime and terrorism] or [making the system resilient]?

9 The Claimed Benefits of Surveillance  In crypto wars, law enforcement and national security agencies want more access to data:  Detect, catch, and deter “bad guys”  Analogy to resiliency:  When the breach happens, forensics to detect what happened, attribute the attack, and thus learn how to remediate  Block and deter follow-up attacks  Disaster recovery – if a private database is destroyed, surveillance agencies can use their data to help reconstruct

10 The Claimed Costs of Surveillance  Critiques of weak crypto:  Agency database of keys can become single point of failure – the bad guys get that, they learn everything  If “good” governments have the keys, then “bad” governments will get them (and their criminal friends)  Civil liberties – dangerous to let the government have that data  Analogy to resilience  Agency database can become single point of failure (all the data is breached)  If “good” governments surveil, then easier for “bad” governments  Resilience of the political system – stop surveillance before the secret police get too powerful

11 Summary on Crypto and Resilience  Analogy of crypto wars to resilience  Surveillance improves resilience: Benefits of more knowledge when the surveillance data is helpful in responding to attacks  Surveillance reduces resilience: Costs of more knowledge when the surveillance data facilitates attacks or impedes response to attacks  Resilience and the political system  Worries in the crypto wars that agencies undermine political system  Worries about resilience of the political system if surveillance goes too far

12 In Conclusion  My themes:  Big potential harms from non-resilient systems (fingerprints)  Resilience is a function of time  Distributional aspects -- resilience varies among sub-populations  Resilience is thus not a Yes/No attribute  For surveillance, consider the new problem (resilience) based on our understanding of a familiar problem (the crypto wars)  A great pleasure to think about problems in this new framework – “resiliency”  A creative opportunity – not usually easy to fit fingerprints, the Renaissance, and Keynes into a short talk  I look forward to the many other creative approaches we will develop in this Forum


Download ppt "Some Thoughts on Cyber-Resiliency, Time, and Surveillance Peter Swire Huang Professor of Law and Ethics Georgia Institute of Technology NAS/NRC Forum on."

Similar presentations


Ads by Google