the three laws of cyber security
If you can't read please download the document
TRANSCRIPT
test4
The Three Laws
of Cyber Security
Foundation stone of modern Cyber security
Jiri Napravnik / http://rule.salamandr.cz
Is time for a change Cyber Security -
Is time for the Three Laws of Cyber Security
Computer security was a problem for many years.
Computer security is a big problem, which costs a lot of money and time, but the situation continues to deteriorate.
What if the current solution built on the wrong basis ?? What if we think about the problem wrong?
Is time for a change Cyber Security -
Is time for the Three Laws of Cyber Security
SW development is an exact discipline, where it is possible to clearly describe everything, programmed and tested. No laws of physics, no chemical reaction.
SW development is solely the work of people.
The error in the software is not caused by our ignorance of the laws of nature, but a poor job of analysts, programmers and testers.
Is time for a change Cyber Security -
Is time for the Three Laws of Cyber Security
Program Apollo
Many scientists, technicians and workers was involved in the project Apollo, from 1962 to 1969. In the course of this project have been resolved many new challenges in physics, chemistry, management of large projects and many other areas. In 1969, indeed the crew of Apollo 11 successfully landed on the Moon and returned to Earth.
Is time for a change Cyber Security -
Is time for the Three Laws of Cyber Security
SW developmentCreating programs are purely human activity.
Analysts, programmers and testers in the development of operating systems and applications do not have to respect the physical or chemical properties of materials.
SW Authors need not examine, understand and respect the cosmic radiation, gravity or other natural laws like in the Apollo program.
Is time for a change Cyber Security -
Is time for the Three Laws of Cyber Security
SW development
Over the 15 years, since the release of Windows 2000 / XP, failed to solve the problems with viruses. This si a huge difference from the Apollo program.
The Three Laws of Cyber Security defines foundation stone of modern Cyber Security
In Aviation exists traceability of spare parts according to EN 9120, FAA AC21 and next rules. Aircraft captain has confidence that the aircraft has original parts.
In the ICT environment fixed point missed.
For the IT environment is propose the Three Laws of Cyber security.
The Three Laws of Cyber Security defines foundation stone of modern Cyber Security
Law no. 1 - Checksums must be always the sameLaw no. 2 - The network shall enable checksum verification Law no. 3 - The operating system has to verify the checksum
The Three Laws of Cyber Security defines foundation stone of modern Cyber Security
Law no. 1 - Checksums must be always the same
The checksum of the file on the user's device must be always the same as the checksum of the same file by the SW author.
The Three Laws of Cyber Security defines foundation stone of modern Cyber Security
Law no. 2 The network shall enable checksum verification
The network has to enable checksum verification of file from user's device with the recorded of the checksum from SW authors.
The Three Laws of Cyber Security defines foundation stone of modern Cyber Security
Law no. 3 The operating system has to verify the checksum
The operating system has to verify the checksum before starting an application and before using unverified system files***Computer viruses and hackers then will have a very, very limited space for the attacks.
The Three Laws of Cyber Security defines foundation stone of modern Cyber Security
It's time for a change
Cyber security
Jiri [email protected] http://rule.salamandr.cz