2017 - May
10 rules for an unhackable data vault
by James B. Morris
Most recent publicity on cyber security has focused on preventing attacks by external hackers. While many of these attacks began with an insider, there has been much less discussion about preventing malicious insider exploits. Perhaps that is because untrustworthy insiders are hard to find and block before they strike. The Secure Data Vault (SDV) is an approach to protecting the most sensitive data from malware and insider exploits. Formal verification of the microservices that govern access to the vault will close down almost all malware pathways. The old military N-person rule will close down most insider pathways. This rule allows for a trade-off between security and convenience: the higher the number who have to cooperate to access the vault (N), the greater the security and the less the convenience. When based on this plus nine other construction rules, the SDV will protect sensitive data from malware and malicious insiders.
Cybersecurity skeptics now embracing formal methods: an interview with Gernot Heiser and Jim Morris
by Ted G. Lewis
There is new hope for those who despair securing computer systems from external hackers. The recent DARPA HACMS project demonstrated conclusively that "certain pathways for attackers have all been shut down in a way that's mathematically proven to be unhackable for those pathways." Continuing research at DARPA and IARPA will eventually shut down all the pathways, and the external hackers will be out of business permanently.