Rethinking Security: Access Control Without Built-in Central Points of Failure

Gene Itkis (MIT Lincoln Laboratory)

Headlines reporting massive compromises – of millions, hundreds of millions, or even billions of accounts or records – have become a regular occurrence. Why do we have such global security failures? Could it be something inherent in our approach to security? Can we identify the source of these inherent weaknesses? And, most importantly, is there an alternative approach that might help us avoid these problems? In this talk we propose answers to these questions, focusing on access control as a good representative of more general security problems.

As a first step, we identify some common features of modern approaches to system design (focusing on security) and analyze how these features of our very thinking unavoidably lead to inherent points of global failure. As an illustration, we consider how the Zero Trust concept seemed to have correctly identified the problem, but fell victim to the same issues in its solution – the Zero Trust Architecture.

Next, the goals for an alternative approach are proposed in such a way as to avoid the pitfalls of the current thinking.

Finally, we outline an approach which can achieve these goals (using cryptography).

Specifically, we study how this approach can be used to develop access control systems without built-in central points of global failure, which are inherent in modern approaches and in our very thinking (as argued in the first step). Currently, we illustrate this new approach with a few toy examples. Future research will aim to apply this approach to more realistic and practical scenarios.

It is important to stress that, instead of closing the problem, the proposed new approach opens a completely new and as yet unexplored design space. Open questions therefore abound, and much future work and collaboration – including interdisciplinary collaboration – is possible and needed.