Interview with Ross Anderson

Cryptography | English | IT Colloquia | November 2005 | Security
By Agatino Grillo

IsacaRoma: You are Professor of “Security Engineering” at the Computer Laboratory (http://www.cl.cam.ac.uk/) of the University of Cambridge. Could you present yourself and the "Computer Laboratory"?
Ross Anderson: The Computer Laboratory is the computer science department of Cambridge University. It is here that in May 1949 we switched on the EDSAC, the world's first proper computer, which provided computing services to academics until 1956 when it was replaced with EDSAC 2. Since then, Cambridge has been a world leader in systems engineering.

IR: You are one of the founders of "security economics", a new discipline which is rapidly growing. Could you summarize its matters?
RA: We realised that many security failures occur not so much for technical reasons but because the incentives were wrong. Often the people who were guarding a system did not meet the full costs of security failure. For example, banks who were able to pass on much of the costs of ATM fraud to their customers in the 1990s did not protect their ATM systems properly. Another example was hospital systems: they often failed to protect patient privacy because the people who bought them (hospital administrators and medical researchers) were more interested in getting access to data than restricting access. See Economics and Security Resource Page for more information.

IR: "Why Information Security is Hard - An Economic Perspective" was your first contribution to security economics; what about its genesis?
RA: When I wrote my book “Security Engineering” I found that the stories I had to tell to make sense of many security failures had to do with incentives and economics more often than with technical errors. After I'd completed the book I extracted the economics arguments and examples, and presented them in this paper. The paper is available here (pdf, 100K).

IR: What is the annual "Workshop on Economics and Information Security"?
RA: The workshop was first held at Berkeley in 2002, organised by Hal Varian, an economist with whom I launched the study of security economics as a proper academic discipline. We sought to bring together security researchers, economists and people from industry and government. The workshop has grown strongly since and next year it will be held for the first time in Europe, in Cambridge, England, from 26-28 June. You can find the “first announcement” and call for papers here in html, pdf (26 K) or text (3 K) format.

IR: What about your cryptographic research?
RA: Cryptography is a subject to which I return every few years. The last time round, I worked with Eli Biham and Lars Knudsen to create Serpent, a block cipher which was a finalist in the US competition to find an Advanced Encryption Standard. Serpent is now completely in the public domain, under the GNU PUBLIC LICENSE (GPL) and we impose no restrictions on its use.

IR: Is it possible to learn cryptography without academic background? Have you any recommendations to improve cryptography knowledge for non-specialized people?
RA: I learned cryptography on the job, while working in banking and consultancy. Back then there were no taught courses in the subject. Nowadays, a working engineer who suddenly needs to use cryptography and other information-protection mechanisms might do well to read my book: "Security Engineering".

IR: Your book, "Security Engineering", focuses on the tools, processes and methods needed to design, implement and test complete systems, and to adapt existing systems as their environment evolves. Why is Security Engineering so important?
RA: Many systems break because people don't understand the threats that their systems will have to face, and they use protection mechanisms in inappropriate ways. It's not enough just to have strong ciphers; in fact that's the easy part. The hard part is to use them right.

IR: Bruce Schneier wrote: "Security Engineering (...) requires you to think differently. You need to figure out not how something works, but how something can be made to not work. You have to imagine an intelligent and malicious adversary inside your system (…) constantly trying new ways to subvert it. You have to think like an alien." Is this the correct approach to security?
RA: Yes, you have to be able to think like an attacker. That takes time to develop, and you have to study how systems have failed in the past.

IR: "Security Engineering" is also available in Chinese and Japanese; will there be an Italian translation?
RA: There aren't any plans, but if anyone's interested in doing one, please contact my publishers!

Who is Ross Anderson?


Ross Anderson was one of the founders of the study of information security economics, and chairs the Foundation for Information Policy Research. A Fellow of the IEE, he was also one of the pioneers of peer-to-peer systems, of API attacks on cryptographic processors, and of the study of hardware tamper-resistance. He was one of the inventors of Serpent, a finalist in the competition to find an Advanced Encryption Standard. He is Professor of Security Engineering at the Computer Laboratory, Cambridge University, and wrote the standard textbook “Security Engineering -- A Guide to Building Dependable Distributed Systems”.

Contacts: Ross Anderson's home page