Your Federal Quarterly Tax Payments are due April 15th Get Help Now >>

A Primer and a User s Guide by AGS Encryptions by guy21


									                                    A Primer and a User’s Guide
                                        by AGS Encryptions Ltd.

    SecuritySP is a universal security roadmap to capture, and guide security
       reasoning, assessment, and choice. A tool for cooperative security
        planning, and a means to second-guess tomorrow's hack-attack.

SecuritySP Overview………………………………………………………… …...2
        The Origins……………………………………………………………….2
        The fundamental concept of the intractability solution protocol…///.2
        The Turing backtracking--foretracking principle:……………………..3
        Application to Cyber Security…………………………………………..4
Tapping the Wisdom of the Relevant Community……………………………..5
Use of the public version of the SecuritySP display…………………………….7
Sample Cases:…………………………………………………………………...10

Introduction: Cyber-Security is best defined as means to make it more difficult for the
other side to innovate their way into compromising your data. Hackers, intruders,
fraudsters are innovators. Failing to recognize that is a prescription for false pretense,
and eventually a failing security system. The typical security victim is like that general
who is ready for the last war. It's easier to defend against what hackers did yesterday --
we all know what it is. It is much more difficult to defend against the plan they concoct
against us tonight -- we are not very sure what it would be. But that difficulty is the one
to negotiate, if we want to prevail in this “Unending Cyberwar” 1 .

We must fight innovation with innovation. It's harder for the victim. Businesses and
organizations like certainty, streamlined operations, protocol-dictated sequence of action,
predictability -- none of that is well pointed to fend off cyber assailers. We must embrace
innovation to defend ourselves against some of the most brilliant minds that unfortunately
have put our data assets in their crosshair. For us, it's a two fold approach: first we must
second guess what innovative steps the cyber attackers would take next, then we need to
use innovation to come up with an effective countermeasure. The SecuritySP procedure
would help us in both tasks.
    See “The Unending Cyberwar” by Gideon Samid

                                                             Security-SP (a primer): [secsp-g8726], Page #-1 of 11
We shall first overview the SecuritySP procedure and methodology, in rather generic
terms, then discuss its application for our particular security challenge.

SecuritySP Overview:
Security Solution Protocol (SP) is an adaptation of the InnovationSP tool designed to
foster innovation practice, and is being used by researchers and developers in natural

The Origins:
In the last decades of the 19th century Germany initiated a novel industrial concept:
strategic innovation. Earlier innovation was random, opportunity driven, serendipity
marked. The German chemical industry had, for the first time, organized a body of top
notch experts into a project with a well defined aim: to solve a specific technological
challenge. The innovation work was managed, planned, and budgeted, much as a
nominal project would be. The problem was that innovation breakthroughs were hard to
schedule, difficult to anticipate, and very hard to rely on. This gave rise to a host of
measures, tools, devices, and methodologies aimed to harness the innate uncertainty in
the innovation pathway. The rise to prominence of the United States after WW-II was
credited in large measure to its successful application of the German model. And today
innovation productivity is a world-wide race.

Tools to reign in on innovation and creativity have been invented and proposed for
centuries. Most of them were overly ambitious and impractical, most of the rest were too
vague and impractical. In the middle of the last century, a Russian model, TRIZ, gained
some traction, and it is used in limited measures in the US and elsewhere. The
InnovationSP methodology is based on the lessons learned from the previous failed
attempts, and it was built on a simple fundamental concept, which is constantly being
refined and elaborated on. Over time this tool has been extended to handle any
intractable challenge, not necessarily technological innovation. And from that broad
base, it has been adapted to specific areas, of
which computer security is a prominent

The fundamental concept of the
intractability solution protocol
Given an intractable challenge that resists all
efforts to resolve it, one would examine three
mutually exclusive pathways to defeat that
challenge. They are:

  Abstraction, Extension, and Breakdown.

                                                     Security-SP (a primer): [secsp-g8726], Page #-2 of 11
The first premise of IntractabilitySP is that these three options are exclusive and also
inclusive, namely, there is no fourth option. In other words, anything one could do to
resolve this challenge will be described as taking one of these three pathways: To solve
an intractable challenge you may break it down to components, resolve them, then return
to resolve the original challenge. Alternatively you can combine the current challenge
with similar ones, and acquire relevant insight from this combination, then use this
insight to resolve the original challenge. And lastly, you can redefine the original
challenge with greater abstraction, increased generality, and this simplified picture will
bring about a new light that would then be used to resolve the original challenge. Many
actual innovation pathways were tested, and each and everyone of them, could have been
mapped into one of these three pathways.

The second premise, or principle, of IntractabilitySP
is that whichever pathway one chooses in an
attempt to resolve a given intractable challenge --
the result is one or more derived challenges. And
each of these secondary challenges are treatable
with the same framework of three optional
pathways: abstraction, extension, and breakdown.

This second premise (the SP iterative principle) readily defines a sprawling map centered
around the original intractable challenge.

The Turing backtracking--foretracking principle: This is the operational
procedure of the SP methodology. It is a simple one: given any intractable challenge in
focus, one would try to resolve it per se. If successful, then one would shift his or her
attention upward, to the former challenge that spawned the current one. If, on the other
hand, the effort to resolve that challenge fails, then one should shift his or her attention to
a derived challenge (choosing among the abstraction, extension, and breakdown options).
So failure to resolve a challenge will lead to 'foretracking' going forward to a next,
derived, challenge, and success in resolving a given challenge will lead to backtracking to
the 'higher up' challenge.

This Turing backtracking-foretracking procedure guarantees that one is never 'stuck'.
There is always a next step. Very intractable challenges will result in large SP maps, and
many challenges will have to be derived (foretracked into), before backtracking will
begin. The actual innovation pathway may zigzag in a complicated foretracking-
backtracking pattern. Termination of this
process may occur either when the
backtracking process shifts attention back to
the original challenge, which then is
resolved in light of all the insight that was
gained from the evolved innovation
pathway, or, as so often happens, one runs
out of resources, time, or money and the
innovation effort terminates unsuccessfully.

                                                        Security-SP (a primer): [secsp-g8726], Page #-3 of 11
This defines the fundamental principles of the IntractabilitySP methodology. For more
details consult The Innovation Turing Machine, available on Amazon, or from AGS
Encryptions Ltd. (

Application to Cybersecurity
Everything we do for security, all the fences we erect, the traps we lay, the effort we
expend -- everything is driven and justified by one measure: the threat. Without the
threat there would be no need for security. And security that does not address the real
threat is false-pretense security. Yesterday's threat has given way to today's, and
tomorrow's threat needs attention right now. The threat in cybersecurity is the innovative
power of our assailers. To combat that threat and prevail in the ongoing cyberwar we
need to second-guess the hackers, preempts the fraudsters, ambush the intruders. And we
cannot do it, if we don't put ourselves in their shoes. Security must think like their
opponents much as chess players do. In all the textbooks on combat and war-making this
principle of know thy enemy fares high and up. Unfortunately, most security people
simply loath the hackers, which is no substitute for second-guessing them. The hackers
face an innovation challenge. Their success hinges on their ability to come forth with
new methods. They prevail when they win the imagination race, when they think of
something to do to us, that we failed to anticipate and spot. So, first order of things for
any security advisor is to characterize the threat, to second-guess the creative process of
the other side, and that is where SecuritySP comes in handy.

                                                     Security-SP (a primer): [secsp-g8726], Page #-4 of 11
Use it by starting with the challenge to abuse you in cyberspace, then apply the procedure
to find how they would go about doing it, and the means, the tools, the tricks, the
surprises, they will bring about to achieve their goal. We have been able to map any
successful security breach onto the SecuritySP map, and the map gave it clarity, enhanced
our insight, and enabled second-guessing our opponent's next move. And remember, if
your assailer will think of something you missed, he will find no defense, no roadblocks
on his path. You will be hacked! So use the SecuritySP tool to develop the full range of
hacking pathways to your data assets -- a prerequisite for efficient security.

SecuritySP: Tapping the Wisdom of the Community
The SecuritySP may be expressed in a community shared framework. The security map
definition is written in an HTML format, and anyone reading this HTML page can add
his comments: agree, or disagree, think likewise, or think differently, express and write
whatever is on his or her mind then click-send it to the managing center for this security
map where it would be slated for posting as an alternative map option for the particular

                                                      Security-SP (a primer): [secsp-g8726], Page #-5 of 11
security challenge. By making the SecuritySP map visible to anyone with relevant input
for the challenge in point, we allow that community wisdom to express itself in a
balanced way. Reading the proposed breakdown options, as well as the proposed
extension and abstraction options, the respondent might add his point of view by
proposing an alternative breakdown,
or a different extension challenge, or
perhaps another formulation of the
abstracted challenge. Adding his or
her input into the same page where
the current version is displayed, and
then clicking (sending) his or her
edits to the case management center,
the new version will subsequently be
posted as an alternative branch of the
map. Other respondents might like
that alternative and add their input to
elaborate on it (developing the
SecuritySP map in these sections). The alternative that attracts most of the attention from
the community at large will “bubble up” to be the main branch. This procedure steers the
development of the SecuritySP map in accordance with the wisdom of all those who have
something to contribute to the resolution of the challenge.

The mangers of this securitySP case would determine who has access to this map. If this
securitySP procedure is applied to the general proposition of hacking, then anybody
should have access to this map, and be in a position to add his or her contribution. And
indeed such a generic hacking map is displayed on the Web (click here). However, if one
is using the securitySP procedure to anticipate what hackers might do to private data
assets then the map should have restricted visibility, and only insiders, and selected
consultants will be privy to its details.

Having concluded to map the pathways through which one may be cyber attacked, the
next step is to use the same tool to develop the countermeasures -- the security innovation
pathway. Every attack avenue should become a security challenge for which the
securitySP will help you map an effective innovative response. And here too, the HTML
framework will invite everyone you give access to, to read, and comment, change,
modify, support or challenge the security ideas to help you prevail in this unending
cyberwar. Experience shows that the more contributors you have, the more robust the
ensuing security strategy. Nobody is a perfect expert on all aspects of the challenge.
Some are familiar with the security features, others are familiar with the core business
and work of the company or the organization, yet others are educated in the science of
security and cyber protection, and another group has good handle on the human
landscape -- the people whom you trust with your data, often they are the weakest link.
By allowing the various points of view to weigh in on the security-SP map one avoids the
pitfall of limiting the design to the ideas of a single individual. As the book "The

                                                     Security-SP (a primer): [secsp-g8726], Page #-6 of 11
Wisdom of Crowds" has so clearly shown: no individual, however gifted, is any match,
for the long run, to the wisdom of the relevant community at large.

Once the SecuritySP map is complete, it's a matter of standard procedures to translate it
into a plan of action. All the installed devices (software, hardware, firmware), rewritten
procedures, newly crafted policy, and the ensuing trainings are measured, and judged by
their adherence to the SecuritySP map developed by the relevant community.

Use of the public version of the SecuritySP display
The SecuritySP map is displayed as a set of standard form HTML web pages. Each page

1. Identification logo and links(2): The left and right top corner is reserved for logo
display, and links for further explanation.

2. Description of the current security challenge:

                                                     Security-SP (a primer): [secsp-g8726], Page #-7 of 11
3. Description of the abstracted challenge:

4. Description of the extended challenge.
5. Budget/Attention allocation box.
6. Description of up to six component challenges.

                                                    Security-SP (a primer): [secsp-g8726], Page #-8 of 11
7. Description of the configuration of the breakdown components.

8. Description of the current information about the solution of the
current challenge.
9. A comment window
10. Personal Information Section
11. Qualification Data

The page is operated by reading and re-writing the contents of the derived security
challenges (the abstracted challenge, the extended challenge, and the component
challenges). It features a menu bar with action button, and also each derived challenge is
fitted with a 'goto' button. Upon pressing that button the respective security challenge is
presented as the new current challenge and its derived challenges are displayed on the
new, same format, page. Hence, by pressing various 'goto' buttons the user may traverse
through the full span of the SecuritySP map. This flexibility to re-focus one's attention on
next challenges, and before-challenges is to be applied in the solution procedure of the
original challenge. (The foretracking-backtracking sequence).

The menu bar options are:

1. Help button
2. Reset button.
3. Reverse SC
4. Home
5. Click/Send button

The 'help' button replaces the contents of the various form windows with notes of
explanation. The 'reset' button returns the original content of the windows (before the
editing and re-writing by the user). The 'reverse SC' brings to focus the prior security
challenge, the one that spawned the current one. By repeatedly pressing the 'reverse SC'
button, one climbs back to the original challenge from any point on the SecuritySP map.

                                                      Security-SP (a primer): [secsp-g8726], Page #-9 of 11
The 'Home' button brings up the 'launching pad' -- the page where various original
security challenges are displayed. The 'Click/Send' button sends the re-written and edited
contents of the various form windows, and delivers them to the case management where
these proposed changes are evaluated and eventually posted as an alternative branch of
the SecuritySP map. Before sending the edits, the user should identify himself by name
and by email. It's recommended that the user also responds to the qualification answers
at the bottom of the page.

Sample Cases:
An Insider’s Job: A financial institution has come to the conclusion that an insider
appears to be betraying his or her trust, and thus faced the challenge to flush that person
out. Following the SecuritySP protocol they have used (1) deterrence – announcing that
anyone caught compromising corporate data would be prosecuted to the full extent of the
law; they have used (2) entrapment (by presenting different individuals with somewhat
different data, so that by those details they would know who was the fraudster; they have
(3) added a security layer to the log-in protocol; and they have (4) installed sophisticated
behavioral software to follow on online behavior. As can be seen, the company followed
all the steps marked in the generic SecuritySP map – but to no avail. The person they were
after was either too smart, or aware of the attempts to catch him, and he or she was very
careful. The security chief assembled the security advisory board and laid out the
challenge on his PC installed version of SecuritySP.

 The SecuritySP display clearly indicated that they have applied the four generic actions to
the challenge, but were still not successful. One member of the board, pointed out that

                                                     Security-SP (a primer): [secsp-g8726], Page #-10 of 11
the abstraction option was not taken up. She decided to define it. She said: “We are
trying to catch someone who leaks our data to our competitors – right? So the abstracted
challenge for it would be: “To spot an employee who is a crook!” And that was how she
defined the abstracted challenge. Her proposal was to use a psychological procedure that
included interviews, some subtle scare tactics, and cross-fingering of each other. Within
two weeks she reported back that three people, rather high up, were fingered out as least
trustworthy. One was an under-performer evaluated for a prospective termination, so he
was laid off summarily. The second was close to retirement, and he was retired early, and
the third was re-assigned so that he lost those data privileges. The leaks stopped. It was
clearly one of these three, and nobody knows who.

Abuse of the Freedom of
Information Act: Hackers have
been known to abuse the Freedom of
Information act to acquire personal
data attributes of important people,
and then use this data in a
subsequent scheme. One affected
department looked into solving this
problem by component solutions: (1)
increased training and awareness to
FOI personnel, (2) developing
algorithmic detection of excessive
private information on released
documents, (3) possible entrapment
by adding false data (this proposal ran into legal roadblocks). None of these breakdown
options worked very well, and so the department activated the ‘extension’ avenue, and
initiated a cross-departmental communication and sharing system to spot such frivolous
FOI applications.

Nancy Gould

Version: SECCP-g8726

                                                    Security-SP (a primer): [secsp-g8726], Page #-11 of 11

To top