Computer Security and The Human Factor

November 7th, 2004 | by ian

I recently read The Human Factor by engineering professor Kim Vicente. This is an eye-opening book about the importance of “adapting technology to people” instead of “forcing people to adapt to technology.” The field of Human Factor Engineering has apparently been around for a while, but never has society been in greater need of it: thanks to personal computers and the internet, most people I know deal daily with technology which fails to acknowledge human nature.

Technology for Technology’s Sake

Kim says technology has grown too complex because “technology wizards” tend to design for people like themselves or for the sake of the technology itself, and because there is a culture of reductionism in science which tends to favour design from the bottom up without understanding the emergent properties of the system when all components are connected. Both of these struck a chord with me: as a scientist I tried to swim against the reductionist tide, and as a network and software engineer I strive daily to consider “layer 8” of the network: the user.

Systems Analysis

Prioritizing systems analysis in a world of cheap (and quite effective) reductionism is not an easy sell. It is complicated and costly, requiring careful study, testing and monitoring of interaction and interdependencies. Where then are you likely to find such approaches? Typically when the loss of human life is the consequence of failure. Of particular interest in Kim’s book were his contrasting case studies on aviation and medical industry safety records.

When Death is on the Line

There was apparently a time when taking the plane was not safer than driving. According to Kim, up until the mid 70s “the FAA was simultaneously responsible for receiving information about near misses, and reprimanding people and organizations when they screwed up.” Obviously a lot of really serious matters did not get reported due to the potential liability involved, and often problems would not be addressed until there was an accident. Loss of life in aviation is high profile and can lose you customers quickly. Obviously this situation was unsustainable for the industry, and eventually the FAA collaborated with NASA, resulting in the Aviation Safety Reporting System (ASRS) allowing private reporting of incidents. The details are all in the book, which I encourage you to read, but here is what seems to make the system work:
1) voluntary
2) confidential
3) non-punitive
4) independent
It costs $2 million annually, deals with @40,000 incidents, and there has apparently NEVER been a breach of confidentiality of the reports! And thanks to ASRS in large part, aviation is much safer than it was in the 70s.

…Culture Matters

Kim also studies US hospitals where 44,000-98,000 people die yearly from preventable causes. This horrific situation doesn’t seem to get attention proportional to this statistic and does not seem to be improving fast. Taking responsibility for one’s actions is central to the culture of medicine and you would think this would be a recipe for excellence. Yet fear of reprimand, job loss, loss of reputation, and the highly litigious US medical environment are incentives against reporting incidents and accidents. Conspiracies of imperfect technology, ridiculously long shifts, and these more complex social issues act as an “invisible hand” that guides the system to generate more mistakes. Kim argues valiantly that the medical system stands to gain a lot from human factor engineering and provides some excellent examples.

Have a Safe Compute!

It seems like everyone can benefit from reading what Kim has to say and applying it to their fields. I certainly want to try. I want to follow up on a conversation I had with Adam.

Embracing internet use is a cost of entry, albeit quite low at first glance, to doing business in today’s world. The true cost of computing on the internet is probably quite high if the risks are properly accounted for. However, this is a difficult task, as you would know if you ever tried to get a security budget approved! Adam assures me this is an unsolved problem because many or most computer security incidents go unreported (if anyone has any estimates please let me know and I will link to them here), leading to a lack of data with which to assess risk.

This reminded me of the problems Kim discussed in aviation and medicine, since the major reason we don’t know more about security breaches is that there are penalties for disclosure:
- security staff may face reprimand or loss of job and reputation
- an organization won’t risk publishing forensic analysis of incursions and results of security audits for obvious reasons
- companies don’t want to admit the financial damages caused by security breaches to their shareholders and show weakness to the market

Can a CSRS help us design more secure products?

Would it be possible to have an effective “Computer Security Reporting System”? Would a non-profit organization, properly funded, be able to collect accurate data and produce meaningful reports and recommendations for industry architects and CIOs alike? Could they protect the identities of participants and the information that belongs to them? Would we be able to generate key cost information from this data that would serve to educate while helping build better products and security budgets? Has this already been done and does it meet the aforementioned key criteria? I found something here, but government-related agencies don’t seem to meet the “independent” criterion.

Perhaps it is not feasible to have a CSRS:
1) too many players and technologies involved
2) security, while expensive, is not usually “life and death”
3) too big a problem - too expensive to be cost effective

I’m not a security insider so I will “ask the audience” on this one. I know you’re out there!
