The Scenario
Alice : Hi I would like to make booking reservation at your resort today.
Manager: Sure but u need to send us a copy of front/back of your cc card to telly it.
Alice: Now way!! dat's Insecure.
Manager: Well you could use our online booking system. it's encrypted with 2048-bit blax333...
Alice: Cool, thanks man!!
Manager: No Problem , be sure not to do give the details in a public wifi and only use trusted "Network when u use our system, Can't have people snoop on the traffic eyt. "..
Taking a classical approach on crypto.. When Alice and Manager want to exchange sensiive information...
what do they do? Use SSL or any other "state of the art " of cryptic stuff into a Z transform.. So to simplify a flow of processs. We say Alice view the data in an unencrypted form same as Manager . From process flow point of view.
So in the Genesis of Covert Channel , In the beginning there is no security, and in the end there is no security. Suppose let us expend the diagram catering outside process flow.
Where Reality Domain is consisting physical interaction+ environment that Alice/ Manager encounter with either living beings or non living beings . Why Logical Domain is the list of interaction that the application used/encounter to view the insecure form of the data..
Suppose Alice is an owner of Credit/Debit Card,, In some way or another the Reality Domain that Alice may encounter is either
- Cashier
- Receptionist
- Friends
- Family
While in Logical Domain can be narrowed down into 3 entity;
- Web Browser
- Email
- PDF Output or Postcript Dump for Printing/Archive purposes)
For Manager, the Reality Domain they will encountered.
- Finance
- Clerk
- Auditor
- External booking Information
While in Logical Domain can be narrowed down into 3 entity;
- Software viewing customer data, (Probably Excel or PDF Form)
- Email
- PDF Output or Postcript Dump for Printing/Archive purposes)
Notice that any interaction in the reality domain and logical domain doesn`t have any form of security at all.
What's the implication of this information? Suppose a Manager says "we received this booking from this Alice, here's her detail please process and proceed with the payment" to Finance. The instruction and information will be passed around in an insecure domain form (regardless via electronics means such as email or verbal )..
We spend tremendous amount of money to secure the process flow with multitude complience that we often forgot to realize what happen in the "event before the flow" and "event after the flow" ..
- Have we pay attention on security in interaction in both domains?
- What's keeping our data safe from any entity for each domains?
- Can an entity hop/mimicking other entity across domains?
In the lore of malware we know that a malware can hijack/process/threads of other application on certain circumstances(token privilege,RemoteThreadCreate() APi etcx3).
In the lore of scam-ware, we know a person can impersonate other people and retrive data as long as we have the correct personality.
In the lore of human brains, 99% of us cannnot cannot decrypt DES with a "constant key" in mere seconds thus resulting that data need to be pass to another human in it's original forms (numbers,name,passwords).
Conclusion:
The reality of security is broken if it can be view in an insecure forms..
We are living in an insecured enviroment over a thin line of trust.
No comments:
Post a Comment