Bob Blakley
Chief Scientist, Security and Privacy
IBM

Bob Blakley is chief scientist for Security and Privacy at IBM. He was general chair of the 2003 IEEE Security and Privacy Conference and has served as General Chair of the New Security Paradigms Workshop. He served on the National Academy of Science’s study group on Authentication Technologies and Their Privacy Implications. He was named Distinguished Security Practitioner by the 2002 ACM Computer Security and Applications Conference (ACSAC), and serves on the editorial board for the International Journal of Information Security (IJIS).

Bob Blakley was the editor of the OMG CORBAsecurity specification, and is the author of "CORBA Security: An Introduction to Safe Computing with Objects", published by Addison-Wesley. Blakley was also the editor of the Open Group’s Authorization API specification and the OASIS Security Services Technical Committee’s SAML specification effort. Blakley has been involved in cryptography and data security design work since 1979 and has authored or co-authored seven papers on cryptography, secret-sharing schemes, access control, and other aspects of computer security. He holds nine patents on security-related technologies.

Blakley received an A.B. in classics from Princeton University, and a master’s degree and Ph.D. in computer and communications sciences from the University of Michigan.

 

Presentation

Security in Data

Security architectures today suffer from the following problems:

  • Operating-system and hardware-based security mechanisms provide protection only to the boundary of an individual system.
  • Protocol-based security mechanisms provide protection only within the context of protocol sessions or associations, and often provide protection only on a single communications “hop”.
  • Application-based security mechanisms provide protection only to resources whose semantics are native to the application, and only within the boundary of the application and its resource repository.
  • Boundaries between different types of security mechanisms introduce “seams” at which security policy and mechanism translations create complexities and requirements for trusted entities.  These seams are often subject to attacks which are not likely to be effective against individual security mechanisms.
  • Semantic incompatibilities between different security mechanisms’ policy languages, and administrative disagreements over authority for managing policy, complicate and in some cases preclude formulation of comprehensive policy throughout an information system.
  • Security mechanisms at each level of a system “stack” are subject to attacks “from below” if the different layers of the application stack (starting from the processor hardware and proceeding all the way up to the end-user application interface) are not tightly integrated from a security point of view.

These problems do not seem solvable as long as security is associated with a piece of code executing at a particular point in a system’s hardware/software stack.

However, it may be possible to solve some or all of these problems if security resides in the data itself, and is enforced by a component outside of the usual software stack.

© The Open Group 1995-2012  Updated on Friday, 8 October 2004