Cloud Computing Discovers Covert Channels

September 15th 2009

A SANS Handler Notebook entry by Toby Kohlenberg reports on data leakage in cloud computing, and links to a terrific paper from some UCSD/MIT people: Ristenpart, Tromer, Shacham, and Savage.

If we set the wayback machine to the early 1970s, we find a paper by Butler Lampson about something called the confinement problem. It’s the same thing. Ristenpart et al. pick up some of the threads (like noninterference), though their paper doesn’t point all the way back to Lampson.

This is a hard problem to solve. The only defense right now is if attackers lack the motivation to exploit it.

Posted under History of Technology & Security

Multilevel Security

April 20th 2008

I have moved some material about multilevel security (MLS) and ‘cross domain systems’ (CDS) onto this web site from my old Cryptosmith site. I’ve also included some brief comments on CDS. There is also a link to my MLS Introduction, which I will be updating and migrating to this site over the next few months.

I’m not collecting comments on static pages if I can help it, so if you have the need to comment on my MLS or CDS materials, post the comment here.

Posted under Security