The Impact of Trust On Security Policies
By Roy D. Follendore III
Copyright (c) 2001 by RDFollendoreIII
December 26, 2001
In order to think out the issues of a complex problem without the noise, I have found that it is sometimes useful to create a scenario and then transfer the problem to logic. The scenario is a simplified model that takes you outside of the side issues related to the current problem while being designed in such a way as to conform to the perspective.
Imagine you are a schizophrenic prisoner on death row. There is no doubt that you did the deed of which you are accused and convicted. One day some kindly Doctor comes into your cell to explain that if you choose to take the medication he can prescribe, you will no longer hear voices and will no longer be insane. The problem is that your attorney has explained that in this particular State, if you are not insane you will be executed for your crime.
The problem you as the prisoner are now faced with has no possible "good" outcomes. You might need to be insane to take the medicine. On the other hand, insanity is not such a great thing either. You would have to be insane to remain insane. What I am describing is essentially an example of a problem with a zero sum solution.
What is interesting about this problem is not your solution; it is the role of the kindly Doctor. The one fact in our story that we may not be able to assume as true is the issue of kindness. Is the doctor really kind? With this in mind, we may want to sit in our cell and consider the facts along with the unstated facts.
What can we assume? First, we know that the Doctor is a Physician who has sworn an oath to first do no harm. Second, the Doctor is working for the State because he has been admitted into the Prison and because he is being paid by the State.
Now let us put logic to this problem. If doing no harm is assigned a binary value of 0, and doing harm is assigned 1, then we can assume that the value is a 0. On the other hand, if working for the State that is trying to kill you is assigned a binary value of 1 and working for your interest is assigned a value of 0, then we can assume that value to be 1.
By changing the statements from rational concerns to logical functions, the problem has somehow been translated into something quite different. We are no longer looking out for our welfare; we are simply looking for the statement of mistrust as a 1. If we assume that either or both of the assumptions described above are 1, then the answer is a 1.
In breaking down this problem, it becomes obvious that it does not matter if our Doctor is or is not kind. By the very act of giving you the option of taking his medicine, he is opening his value system up to scrutiny. It becomes obvious that the "Good" Doctor believes that mental health may be more important than life and that the quality of life may be more important than the quantity of life. This in itself is of smaller consequence than the decision to allow a prisoner to make the decision.
The act of providing a choice in a zero sum situation is therefore in itself a decision which ultimately aids one side of the decision making choice or the other. It is obvious that our Doctor is not being absolutely honest to himself or to you as a patient because in taking a neutral position, he has taken a deliberate action on behalf of his benefactor which violates his oath as a Physician.
The problem that I have presented through this situational experiment does not revolve around mathematics; it hinges on the concept of trust and ethics. In our situation, if you cannot trust the kindness of the Doctor then you cannot trust the medicine because the rules of the State are rigid with respect to your outcome. There is a key indirect relevance which affects any statement of trust with respect to the Doctor.
This situation is interesting because it is similar to the problem we face today in Security. The kind Doctors may be representative of the good security experts at the FBI, NSA, NIST or any other Government Agency issuing security advice. These Doctors all work for organizations with stated mission and policy goals that are clearly contrary to the security of your system. Each of the organizations wants to limit the security of your system.
Recently the FBI's National Infrastructure Protection Center (NIPC) has urged users of Microsoft's Windows XP operating system to disable a feature that could leave computers open to attacks from hackers. The FBI is the same organization that has put into place the systems called "Carnivore" and "Magic Lantern", which are designed to anonymously break into your system.
This is a problem and it is a big problem for the same reasons that I have given in the death row dilemma. If we assume that the FBI concern for Windows XP users is legitimate, then we are still affected by the conflicting motives of legitimacy and authority. I would like to see a stronger trusting relationship between the FBI and community, but it cannot happen the way that it has been approached. The FBI is constantly sending out mixed messages of trust and mistrust with the only possible outcome being that of mistrust. To some consumers who feel they are a prisoner of the State system of security thinking, the current situation does not seem to make any sense.
Until there exists a more rational and logical opportunity for the American people to participate in the defense of national security policies, the policy dictates of Agencies will continue to attempt to prevail and challenge constitutionality. America needs a new Security Policy Infrastructure with checks and balances, which are represented by constitutional law through rational democratic participation by citizens and a new kind of technical court system, not a dictatorship. As it currently stands, the Directors of Federal Agencies have no absolute basis for making technical laws involving personal privacy and security because their orientation is self-serving and always in their own powerful organizational interests. They are always suspect for the same reason they do not trust the average citizen.
Until a system exists for vetting and working together, the only protection for the individual users will be to assume that the kind Government Spin Doctors are not being kind and that insanity remains the only immediate solution at hand.
Copyright (c) 2001-2007 RDFollendoreIII All Rights Reserved