Announcement

Collapse
No announcement yet.

Is Computer Security Theory Worth Learning?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Is Computer Security Theory Worth Learning?

    I've started reading the book "Introduction to Computer Security" by Matt Bishop a few weeks back. Matt Bishop is the Security teacher at UC Davis (my college) so I thought I'd get a head start on the class before I take it in a few quarters.

    Reading through all this theoretical stuff I've started to wonder exactly how applicable it is in the real world. Though I definately plan on learning the stuff well, if only because I may choose to go to graduate school, I was wondering if anyone outside of an educational atmosphere actually uses this kind of stuff.

    A nice little excerpt for your reading pleasure:
    Let a computer system begin in protection state s0. If a system can never leak the right r, the system (including the initial state s0) is called safe with respect to the right r. If the system can leak the right r (enter an unauthorized state), it is called unsafe with respect to the right r.
    This kinda stuff, sets, and mathematical algorithms is the majority of the book so far.

    I'm four chapters in, and I see the importance of a lot of the ideas, I just really can't see the use of the math in the real world. Any enlightening thoughts?
    %54%68%69%73%20%69%73%20%6E%6F%74%20%68%65%78

  • #2
    Originally posted by pr0zac0x2a
    I've started reading the book "Introduction to Computer Security" by Matt Bishop a few weeks back. Matt Bishop is the Security teacher at UC Davis (my college) so I thought I'd get a head start on the class before I take it in a few quarters.

    Reading through all this theoretical stuff I've started to wonder exactly how applicable it is in the real world. Though I definately plan on learning the stuff well, if only because I may choose to go to graduate school, I was wondering if anyone outside of an educational atmosphere actually uses this kind of stuff.

    A nice little excerpt for your reading pleasure:
    Let a computer system begin in protection state s0. If a system can never leak the right r, the system (including the initial state s0) is called safe with respect to the right r. If the system can leak the right r (enter an unauthorized state), it is called unsafe with respect to the right r.
    This kinda stuff, sets, and mathematical algorithms is the majority of the book so far.

    I'm four chapters in, and I see the importance of a lot of the ideas, I just really can't see the use of the math in the real world. Any enlightening thoughts?
    I looked over another book by him, and I think it was titled, "Computer Secuirty Art and Science" and it went over a great deal of theory, and had heavy emphasis on math/FSM as well as models. I seem to recall that it was targetted for CS people.

    IMO, it was a good book for theory and I was impressed. To me, it seemed to address many of the slow-to-change issues of CompSec in book-form (an ideal target IMO.) Most of the items in that book are historical or theoretical or academic, and are not likely change within the next 3 to 5 years. It is a great foundation that allows the student to have the tools necessary to learn about new models and changes to security as they appear.

    What it does not target, is current security issues, and IMO, such a book should not or else it quickly becomes dated material. The location for current material is mailing lists, and security group notices, or engineering in the field. Your ability as a student to find applications in CS/Sec is what will set you apart from your peers. (Recitation is not understanding or comprehension.)

    I think it meets its focus in theory, models, and foundation for understanding why models work. (The biggest difference between a Computer Scientist and an Engineer or Programmer.) As a result, it is an academic book, not a howto, or super sexy-- unless FSM gives you a stiffy. ;-)

    The math helps you understand WHY the models work the way they do, and gives you leverage to quickly learn new models, or find places where "rules" are really just "guidelines" in specific applications.

    I am just a clueless newbie, but feel free to let him know my opinion of his other book.

    An engineer uses a table.
    (Programmers are between these two)
    A Physicist uses an equation that was used to generate the table for the engineer.
    (Computer Scientists are between these two)
    The mathematician builds the equation.

    Comment


    • #3
      Theres a theory behind computer security?

      I thought it was...
      "Theres no patch for human stupidity" (The biggest hole is usually the employee)
      & that "Any OS that has no vulnerabilities is probably an outdated one".

      What more is there to security than that..

      Maybe its called "Theory" because no computer is ever secure. You can beat people with a stick to make them follow directions, but theres always someone that screws the whole plan up..

      Comment


      • #4
        Originally posted by [Syntax]
        Theres a theory behind computer security?
        Heh-heh.

        Yep. There are many places where security problems can exist. Implementation, use, failure to meet criteria, and assumptions without verification are all too common.

        A model with bad security is the most serious of all of these, because any implementation meeting that model and not exceeding it, will almost certainly have a weak foundation and be at risk for similar attacks..

        Consider WEP, sshv1, and early biometrics-- where the model or in this case (protocols) are flawed, most or all implementations suffer consequences.

        I thought it was...
        "Theres no patch for human stupidity" (The biggest hole is usually the employee)
        Yes, this is a problem. Places that use biometrics without a security guard to enforce the method and use violate an implied assumption with biometrics-- the person providing the "sample" is the actual original owner of the sample.
        Model violations or "unhandled exceptions" are fundamental flaws that sometimes have obvious exploits.

        Maybe its called "Theory" because no computer is ever secure. You can beat people with a stick to make them follow directions, but theres always someone that screws the whole plan up..
        Theory is "nice." Theory allows for considerations controlled environments, where inventors can be fanciful, and assume things like the laws of thermodynamics WRT entropy need not apply.
        Theory can help us to understand how things work, find cause for failure, and try to improve, but theory is no substitute for the real world testing and peer review.

        "Secure" is to model as "proof" is to experiment.
        Scientific experiments generally do not prove hypothesis, theory or law, they only provide lack of disproof OR invalidate some part of the hypothisis/, theory or law.
        A model is generally not, "secure," only not yet found to be insecure but stood a test of time, or found to be insecure.

        Comment


        • #5
          Originally posted by TheCotMan

          I think it meets its focus in theory, models, and foundation for understanding why models work. (The biggest difference between a Computer Scientist and an Engineer or Programmer.) As a result, it is an academic book, not a howto, or super sexy-- unless FSM gives you a stiffy. ;-)
          Lesson 1: Define a "stiffy" using a Finite State Machine.

          Originally posted by TheCotMan
          An engineer uses a table.
          (Programmers are between these two)
          A Physicist uses an equation that was used to generate the table for the engineer.
          (Computer Scientists are between these two)
          The mathematician builds the equation.
          Scientists struggle to refine theories and algorithms to perfection, ad infinitum.
          Engineers get it to within .005% tolerance and go drinking.
          Jesus built my car
          It’s a love affair
          Mainly Jesus and my hot rod

          Comment


          • #6
            Originally posted by pr0zac0x2a
            I've started reading the book "Introduction to Computer Security" by Matt Bishop a few weeks back. Matt Bishop is the Security teacher at UC Davis (my college) so I thought I'd get a head start on the class before I take it in a few quarters.

            SNIP.
            My experience is that security theory within computer science is all well and good, but most of it has no practical application because almost all of the theories/models you encounter are older, insecure ones. This still is great for learning new ways to construct more secure models for future applications.

            "Security Engineering" by Ross Anderson is a very digestable read that bridges the gap between security theory and real-world application. The models and the math are still there, but with concise practical illustrations. It is also much more systems oriented (i.e. it doesn't address computer security as much as it generalizes secure design).

            Hardware/software systems (whether secure or not) are designed and built by engineers, not computer scientists or the average programmer. Theory or models without application are pretty useless unless you're into pure science.

            http://www.cl.cam.ac.uk/~rja14/book.html
            Last edited by Grond; August 23, 2005, 08:15.
            Jesus built my car
            It’s a love affair
            Mainly Jesus and my hot rod

            Comment


            • #7
              I have the same book. (I'm transfering to UCDavis in the future and plan on taking his classes).
              I have read bits and pieces and overall it seems like an excellent book. I'm not the best to judge, but looking at his website, approach, other papers... This book is less dependent on Math/Sci and more on practical stuff. So.. I think the theory behind it is importiant to keep in mind when your having trouble understanding a topic, or.. to make sure your not cutting corners in producing something.

              Don't we have to learn the theorys and "meta-security" stuff before we can look at current methods of it? They should reinforce what we learned from the theory.
              The only constant in the universe is change itself

              Comment


              • #8
                Originally posted by Grond
                Lesson 1: Define a "stiffy" using a Finite State Machine.
                If the state ranges from 'I want a sandwich' to 'Claudia Schiffer on my lap', it's doable.

                Comment


                • #9
                  Is Computer Security Theory Worth Learning?
                  When you start getting into the problem resolution phase (as in getting paid to fix security issues) this becomes extreamly important. Many times conversations end with "Well there's no 'real' answer to this problem, what's the best we can do?". This is due to lack of Security Theory understanding, and problems cropping up that have no 100% mitigating answer (a la covert channels).


                  Worth learning? You bet your ass it is
                  "Never Underestimate the Power of Stupid People in Large Groups"

                  Comment


                  • #10
                    Originally posted by pr0zac0x2a
                    I've started reading the book "Introduction to Computer Security" by Matt Bishop a few weeks back. Matt Bishop is the Security teacher at UC Davis (my college) so I thought I'd get a head start on the class before I take it in a few quarters.

                    Reading through all this theoretical stuff I've started to wonder exactly how applicable it is in the real world. Though I definately plan on learning the stuff well, if only because I may choose to go to graduate school, I was wondering if anyone outside of an educational atmosphere actually uses this kind of stuff.

                    A nice little excerpt for your reading pleasure:
                    Let a computer system begin in protection state s0. If a system can never leak the right r, the system (including the initial state s0) is called safe with respect to the right r. If the system can leak the right r (enter an unauthorized state), it is called unsafe with respect to the right r.
                    This kinda stuff, sets, and mathematical algorithms is the majority of the book so far.

                    I'm four chapters in, and I see the importance of a lot of the ideas, I just really can't see the use of the math in the real world. Any enlightening thoughts?
                    Sorry this is so long, I don't normally say this much:

                    I wasn't quite sure I understood what it was you were speaking of until I really began to make my way through this thread. You are speaking, of course, of design modeling methodologies. These are important, even if you never use the maths.

                    When you stated, "Is Computer Security Theory Worth Learning" my knee-jerk reaction, was, "Hell, yes!" Because there are several classes of "computer security theories."

                    * Computer Security Design Theories
                    * Computer Security Testing Theories
                    * Computer Security Vulnerability Assessment/Audit Theories
                    * Computer Security Management Theories

                    I have probably missed one or 10, as this field has really broken out in the past 5 years. But I am sure you understand where I am going with this.

                    Where ever it is you decide you want to play in this space, having an understanding of WHY the theory or methodology works the way it does, to what it applies, gives one a solid foundation. It allows you to build upon that along with current information to make informed decisions about what you are doing. (Thank you Cotman for your insightful comments on this). What it doesn't necessarily do is tell you how to do it. That's the difference between the artist and the technician. The artist not only has perspective on why what he is doing is going to work, he can employ it or bend it as needed, because he DOES understand the theory, and is inquistive enough to research what new developments have come up. The technician only knows how to apply the instructions/models he has been given and is often halted up short when he runs into an anomoly. (No technicians or artists need be offended by this statement).

                    And in agreement with Hackajar, I have found it sound to have at least a broad understanding of this particular class of theory or theories. It rounds me out as a practicioner and helps me to add more value to helping solve the challenges that arise for my clients. If you wish to be an adept practicioner, then it is probably worth your time.

                    Have fun at UCDavis. Great school!

                    Just my 0.02

                    valkyrie

                    Comment


                    • #11
                      For me security theory can quite help in some other purposes..but as far as my experience security on theory is a little more far than what it is written and what is applied on the real world..
                      Fight for what you think is Right

                      Comment

                      Working...
                      X