drawing the line correctly: enough security, everywhere
TRANSCRIPT
© 2017 Intertrust Technologies Corporation. All rights reserved.
Drawing the Line Correctly: Enough Security, EverywhereLINE-Intertrust Security Summit 1 —TokyoMay 17, 2017
Talal G. Shamoon, CEO Intertrust
© 2017 Intertrust Technologies Corporation. All rights reserved.
Welcome to the first LINE-Intertrust Security Summit
2© 2017 Intertrust Technologies Corporation. All rights reserved.
© 2017 Intertrust Technologies Corporation. All rights reserved.
LINE-Intertrust Security Summit• Meeting of the minds on modern
Internet secure systems
• Bring together business, research and products
• Open dialog to discuss challenges and solutions that the market faces
3© 2017 Intertrust Technologies Corporation. All rights reserved.
© 2017 Intertrust Technologies Corporation. All rights reserved.
The Internet was never designed with inherent security in mind
Basic (huge) Problem
4© 2017 Intertrust Technologies Corporation. All rights reserved.
© 2017 Intertrust Technologies Corporation. All rights reserved.
Because the bad guyswere assumed to be on the outside
The Internet was never designed with inherent security in mind
5
Basic Problem
© 2017 Intertrust Technologies Corporation. All rights reserved.
© 2017 Intertrust Technologies Corporation. All rights reserved.
The security model was to “shoot the bad guys” when they came close to the computer
6© 2017 Intertrust Technologies Corporation. All rights reserved.
© 2017 Intertrust Technologies Corporation. All rights reserved.
The Internet was originally designed for military and government communication to be, resilient, robust and distributed
7© 2017 Intertrust Technologies Corporation. All rights reserved.
© 2017 Intertrust Technologies Corporation. All rights reserved.
1965-1975:
Multics — a “modern” operating system for the new age …lots of cool security concepts for its day
Multics failed. And the Bell Labs team who worked on it wrote Unix — with little security…
8© 2017 Intertrust Technologies Corporation. All rights reserved.
© 2017 Intertrust Technologies Corporation. All rights reserved. 9
http:// ++ +
= Security Circus
Fast forward: a few things happened…
© 2017 Intertrust Technologies Corporation. All rights reserved. 10
“We now find ourselves back fixing [the Internet] over and over again…”“You keep saying, ‘Why didn’t we think about this?’ Well the answer is, it didn’t occur to us that there were criminals.”
Eric Schmidt @RSA2017 – Chairman, Alphabet
© 2017 Intertrust Technologies Corporation. All rights reserved.
© 2017 Intertrust Technologies Corporation. All rights reserved.
It’s a great time to have a job in Secure Systems
Every day brings news of a new attack
Consumers and infrastructure are at peril
Need to understand convenience vs. security
1111
© 2017 Intertrust Technologies Corporation. All rights reserved. 12
Overlay the Internet and operating systems with appropriate security technologies
Need complete robust solutions that go way beyond strong cyphers
Secure run times, properly built and deployed authentication and strong hardware and software tamper resistance
© 2017 Intertrust Technologies Corporation. All rights reserved.
Nijo-Jo: Tamper Resistance and Authentication are not new…
13
…but not everyone needs the Shogun’s interior decorator
13© 2017 Intertrust Technologies Corporation. All rights reserved.
© 2017 Intertrust Technologies Corporation. All rights reserved.
The right tool for the right job
14
People sometimes use security solutions that were too strong in certain cases — bad for business
Secure systems design is a risk management exercise — if a system is too hard to use, people wont use it
Understand the weaknesses and the threats, then deploy appropriate technology – but don’t forget that it’s all networked
© 2017 Intertrust Technologies Corporation. All rights reserved. 15
To bring focus on threats and solutions, LINE and Intertrust decided to create this conference series
Today is our first summit meeting to bring experts together to present research and discuss how to create
a safe and business friendly Internet
Please enjoy!
© 2017 Intertrust Technologies Corporation. All rights reserved.
Image Attributions:
• Slides 2 & 3: Terakoya for Girls / (circa 1842-45) Bungaku Bandai no Takara by Issunnshi Hanasato / Wikimedia Creative Commons (CC BY-SA 2.0)
• Slides 4 & 5: The Taking of Jericho / (circa 1896-1902) by James Jacques Joseph Tissot (French, 1836-1902) / Wikimedia Creative Commons (CC BY-SA 2.0)
• Slides 6: U.S. Marine Corps photo by Sgt. Devin Nichols / U.S. Government Works
• Slide #7: Administrator Harry Trelogan and Agriculture Secretary Orville Freeman / (April 3, 2012) Photo courtesy of the National Archives and Records Administration / Wikimedia Creative Commons (CC BY-SA 2.0)
• Slide #8: Ken Thompson (sitting) & Dennis Ritchie at PDP-11 / (circa 1970) by Peter Hamer / Wikimedia Creative Commons (CC BY-SA 2.0)
• Slide #10: Eric Schmidt, Executive Chairman of Google Inc., at the press conference about the e-G8 forum during the 37th G8 summit in Deauville, France / (February 3, 2013) derivative work: Sven Manguard / Wikimedia Creative Commons (CC BY-SA 2.0)
• Slide #12: "We Can Do It!" poster for Westinghouse / by (1942) J. Howard Miller (1918–2004) / Wikimedia Creative Commons (CC BY-SA 2.0)
• Slide #13: Plans of Nijō Castle / (2008) by vector image Gothika / Wikimedia Creative Commons (CC BY-SA 2.0), The secret of the squeaky Nightingale Floors - nails / (May 21, 2007) by Chris Gladis / Wikimedia Creative Commons (CC BY-SA 2.0),Portrait of Tokugawa Ieyasu / by Kanō Tan’yū (1602–1674) / Wikimedia Creative Commons (CC BY-SA 2.0)
Thank you