Newsgroups: comp.risks
X-issue: 3.31
Date: Tue, 5 Aug 86 21:41:12 edt
From: decwrl!decvax!LOCAL!utzoo!henry@ucbvax.Berkeley.EDU
To: LOCAL!CSL.SRI.COM!RISKS
Subject: Computer and Human Security

Lindsay F. Marshall writes, in part:

> I feel that there are significant differences between the quality of the two
> sorts of security... there are many instances where computer
> security seems very much more superficial than human security...

The other side of this coin is that there are many instances where human
security is very much more superficial than computer security.  How many
times have you been waved through a gate by a guard who knows you?  Does
he really consider the possibility that your pass might have been revoked
yesterday?  Yes, I know, they're supposed to always check, but it often
doesn't work that way in practice.  Especially if there is something else
distracting them at the time.  An electronic pass-checker box, on the other
hand, does not get distracted and doesn't get to know you.  Human security
can be bribed, coerced, or tricked; these tactics generally don't work on
computers.  Their single-minded dedication to doing their job precisely
correctly and ignoring everything else blinds them to "out-of-band" signs
that subversion is taking place, but it also blinds them to "out-of-band"
methods of subversion.

The best approach is to combine the virtues of the two systems:  use
computers for mindless zero-defects jobs like checking credentials, and
use humans to watch for improper use of credentials, attempts to bypass
credential checking, and anomalies in general.  One gray area is checking
the match between credentials and credential-holders:  this generally has
to be done by humans unless the credentials are something like retinagrams.

				Henry Spencer @ U of Toronto Zoology
				{allegra,ihnp4,decvax,pyramid}!utzoo!henry
