(This tutorial addresses why access controls have been changing and the direction they may take in the future.)
In the past, security models were simple and one-directional. A trusted computing base would provide the reference monitor concept to control all accesses on the system. Expanding this approach across a network introduced minimal change, with network processors enforcing the reference monitor. Guards and firewalls were used to expand the network to a heterogeneous nature.
In recent years the trusted computing base has been exchanged for an untrusted one. The reference monitor is no longer enforced over the system as a whole but is specific to each application. In organizations these reference monitors can be distributed and must be malleable by business and regulatory logic. These reference monitors also need to protect content across possibly hostile environments: the consumer's PDA, laptop, iPod, computer, or mobile phone.
The simple, formal, and rigid state-transition access control models of the past are giving way to expressive, extensible languages for use on these touring systems. Older homogeneous, coarse-grained object-oriented systems are being replaced by heterogeneous, fine-grained objects and Extensible Markup Language (XML) documents.
This recent trend toward more complex access controls is contrary to the traditional approach of keeping simplicity as the primary objective. The security community as a whole, and access controls specifically, are presently in the difficult situation of supporting a number of new technologies:
* Privacy policies with unknown or unverifiable purposes
* Decentralized peer-to-peer applications where every user is their own authority and their policy needs to scale to millions of other users
* Zero-trust authorization scenarios
* Digital rights management applications with enforcement of owner policies even on devices with no promise of a trusted computing base presence
This trend toward more complex access controls will bring hardships to consumers by allowing untrusted and unknown applications and data owners to enforce unverifiable privacy and use policies. This may result in deviations from business policy and regulatory compliance, or in security exceptions like the recent Sony covert Windows driver for music CDs.
Perhaps Palladium is the step in the right direction by restoring the historical trusted computing base. Now the technology to make trusted computing a homogeneous environment through all the consumer's touring systems. Some consumers have concerns about the control given to applications and data owners by trusted systems. These concerns are very serious, but this may be the only path to a simplified approach.
Some may argue that a simplified approach is not required, or is not capable of supporting the complex controls required by the globally distributed heterogeneous environments of web content and peer-to-peer applications. The complex access controls and application-level reference monitors may be a welcome change for those concerned about allowing the operating system vendor monopolistic control over their choices in data rights management controls.
On one path we have something akin to a giant octopus wrapped around the digital globe in the form of Palladium; on the other we have vendors like Sony creating their own reference monitors, covertly right now but in the future perhaps in an overt and mandatory way.
Perhaps technical controls are not the best approach at all. Clearly the locks on your house and car are simple and minimal. Clear legal regulations in the form of laws have proven more successful than older technical controls like moats. Traditional problems surrounding regulations at a global scale may play out to fruition in the near future, with the European Union seeking, and being rejected for, access to and control of Internet backbone segments. China has begun to exert similar pressures. The fallout of these tensions may be the deglobalization of the Internet, easing the introduction of borderless regulations.
One thing is very clear: digital rights will be protected. It is now up to consumers to choose the manner best suited to support their rights while ensuring use and the protection of others' rights.
What are your thoughts?