Computer Security and The Human Factor
November 7th, 2004 | by ian
I recently read The Human Factor by engineering professor Kim Vicente. This is an eye-opening book about the importance of “adapting technology to people” instead of “forcing people to adapt to technology.” The field of Human Factor Engineering has apparently been around for a while, but never has society been in greater need of it: thanks to personal computers and the internet, most people I know deal daily with technology which fails to acknowledge human nature.
Technology for Technology’s Sake
Kim says technology has grown too complex because “technology wizards” tend to design for people like themselves or for the sake of the technology itself, and because there is a culture of reductionism in science which tends to favour design from the bottom up without understanding the emergent properties of the system when all components are connected. Both of these struck a chord with me: as a scientist I tried to swim against the reductionist tide, and as a network and software engineer I strive daily to consider “layer 8” of the network: the user.
Systems Analysis
Prioritizing systems analysis in a world of cheap (and quite effective) reductionism is not an easy sell. It is complicated and costly, requiring careful study, testing and monitoring of interaction and interdependencies. Where then are you likely to find such approaches? Typically when the loss of human life is the consequence of failure. Of particular interest in Kim’s book were his contrasting case studies on aviation and medical industry safety records.
When Death is on the Line
There was apparently a time when taking the plane was not safer than driving. According to Kim, up until the mid-70s “the FAA was simultaneously responsible for receiving information about near misses, and reprimanding people and organizations when they screwed up.” Obviously a lot of really serious matters did not get reported due to the potential liability involved, and often problems would not be addressed until there was an accident. Loss of life in aviation is high profile and can lose you customers quickly. Obviously this situation was unsustainable for the industry, and eventually the FAA collaborated with NASA, resulting in the Aviation Safety Reporting System (ASRS) allowing private reporting of incidents. The details are all in the book, which I encourage you to read, but here is what seems to make the system work:
1) voluntary
2) confidential
3) non-punitive
4) independent
It costs $2 million annually, deals with @40,000 incidents, and there has apparently NEVER been a breach of confidentiality of the reports! And thanks to ASRS in large part, aviation is much safer than it was in the 70s.
…Culture Matters
Kim also studies US hospitals where 44,000-98,000 people die yearly from preventable causes. This horrific situation doesn’t seem to get attention proportional to this statistic and does not seem to be improving fast. Taking responsibility for one’s actions is central to the culture of medicine and you would think this would be a recipe for excellence. Yet fear of reprimand, job loss, loss of reputation, and the highly litigious US medical environment are incentives against reporting incidents and accidents. Conspiracies of imperfect technology, ridiculously long shifts, and these more complex social issues act as an “invisible hand” that guides the system to generate more mistakes. Kim argues valiantly that the medical system stands to gain a lot from human factor engineering and provides some excellent examples.
Have a Safe Compute!
It seems like everyone can benefit from reading what Kim has to say and applying it to their fields. I certainly want to try. I want to follow up on a conversation I had with Adam.
Embracing internet use is a cost of entry, albeit quite low at first glance, to doing business in today’s world. The true cost of computing on the internet is probably quite high if the risks are properly accounted for; however, this is a difficult task, as you would know if you ever tried to get a security budget approved! Adam assures me this is an unsolved problem because many or most computer security incidents go unreported (if anyone has any estimates please let me know and I will link to them here), leading to a lack of data with which to assess risk.
This reminded me of the problems Kim discussed in aviation and medicine, since the major reason we don’t know more about security breaches is that there are penalties for disclosure:
- security staff may face reprimand or loss of job and reputation
- an organization won’t risk publishing forensic analysis of incursions and results of security audits for obvious reasons
- companies don’t want to admit the financial damages caused by security breaches to their shareholders and show weakness to the market
Can a CSRS help us design more secure products?
Would it be possible to have an effective “Computer Security Reporting System”? Would a non-profit organization, properly funded, be able to collect accurate data and produce meaningful reports and recommendations for industry architects and CIOs alike? Could they protect the identities of participants and the information that belongs to them? Would we be able to generate key cost information from this data that would serve to educate while helping build better products and security budgets? Has this already been done and does it meet the aforementioned key criteria? I found something here, but government-related agencies don’t seem to meet the “independent” criterion.
Perhaps it is not feasible to have a CSRS:
1) too many players and technologies involved
2) security, while expensive, is not usually “life and death”
3) too big a problem - too expensive to be cost effective
I’m not a security insider so I will “ask the audience” on this one. I know you’re out there!














