usenix conference policies
Turing Around the Security Problem
Computers have advanced so much in the 75 years of computing history that one might wonder why we still cannot make a secure computer system. Sure, it is hard, but lots of things are hard, and other computing problems fall before the onslaught of determined research. So why can't we make computers secure? This talk will examine the theoretical underpinnings of computer security, going all the way back to the original work by Alan Turing in 1932, to discover that reliably building secure software systems is actually provably impossible. We will also explore the socio-economic factors that make even building kind-of-secure systems unlikely.
Thus we are stuck with the problem of defending a perpetually vulnerable software base. We then explore the field of intrusion prevention; the art of defending systems despite latent vulnerabilities. Intrusion prevention also has a theoretical history, this time going back to Boyd, a fighter jet pilot from the 1950s. We will explain how Boyd's theories of engagement apply to modern intrusion prevention, and use this perspective to survey the range of ways that vulnerable systems can be defended, bringing us back to the modern context as we go "Turing" around the security problem.
Crispin Cowan was the CTO and founder of Immunix, Inc., recently acquired by Novell. Dr. Cowan now works as an architect for Novell with respect to security for the Linux platform and applications that Novell offers for Linux, and with particular attention to the AppArmor product that came with the Immunix acquisition. Dr. Cowan developed several host security technologies under DARPA funding, including prominent technologies like the StackGuard compiler defense against buffer overflows, and the LSM (Linux Security Modules) interface in Linux 2.6. Dr. Cowan also co-invented the "time-to-patch" method of assessing when it is safe to apply a security patch. Prior to founding Immunix, he was a professor with the Oregon Graduate Institute, Department of Computer Science and Engineering. He holds a Ph.D. from the University of Western Ontario and a Masters of Mathematics from the University of Waterloo.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Crispin Cowan},
title = {Turing Around the Security Problem},
booktitle = {15th USENIX Security Symposium (USENIX Security 06)},
year = {2006},
address = {Vancouver, B.C. Canada},
url = {https://www.usenix.org/conference/15th-usenix-security-symposium/turing-around-security-problem},
publisher = {USENIX Association},
month = jul
}
connect with us