I am fed up about reading about the “Snowden Affair” at the NSA. This is not to say that I believe it is alright to have governments spying on individuals (as if they haven’t been doing so for centuries). I am also not condoning the theft by Snowden of sensitive material and the delivery of it to the hands of someone other than its owner. But Edward Snowden has now placed every system administrator under the microscope after his act of distrust.
The computer industry, for years, has had solutions to protect against this type of computer vandalism. I find it a little bizarre that there has hardly been any discussion around how a low-level, system administrator, working as a contractor for the National Security Agency, was able to access and copy thousands of electronic documents with apparent ease.
Let’s compare the activity of Edward Snowden to what Anat Kamm perpetrated. Anat Kamm was highly vetted by the security of the Israel Defense Forces before she was given access to highly secure documents. Kamm was privy to sensitive documents every day in her position in the Central Command of the IDF since this was part of her role. She was able pass these documents to the press because her position was allowed access by definition. On the other hand, the news articles around Snowden have noted that he shouldn’t have had direct access to sensitive material and therefore his security clearance was minimum. The default permissions of a system administrator allowed Snowden access to material of which he shouldn’t have had rights to.
So how could technology have limited Snowden’s damage to the NSA? Any such solution requires upper management intervention, compartmentalization of roles and tasks, and finally the implementation of these job definitions in a system wide fashion. There is an obvious amount of overhead in the initial stages of such a solution but once the organzation – in this case the NSA - has created these roles and policies, then it is an easy task to assign them to new and existing employees. Israeli companies like Checkpoint and Imperva provide solutions in this area but basic implementation of LDAP or other directory based profiles and ACLs would have gone a long way to limit the damage of an employee with a “conscience”. (BTW – isn’t it funny how all this information is available on Wikipedia yet the NSA didn’t seem to implement any of it?)
Did you know, though, that the American government’s Department of Defense (DoD) produced a requirement for secure operating systems – more commonly called “The Orange Book” – in 1983? This document describes how to increase the levels of security in the OS. The management of this publication was by the NSA itself. The document defines levels of security where C2, Controlled Access Protection, was the minimum level required to respond to government RFPs (request for proposals). “The Orange Book” is the basis for the international standard Common Criteria. Major computer vendors spent a lot of resources in developing OSs that hold to this standard. Sun Microsystems, as an example, delivered a network based solution called Trusted Solaris that is still available today via Oracle.
I don’t have any vested interest in Oracle but as an ex-Sun employee who answered many US government RFPs in the past, it irks me to now know that the NSA never really implemented the full capabilities of their own spec. This would have limited the damage that Snowden, or any other sys-admin, could commit. On the other hand, we would still be in our own cocoon of denial that “Big Brother” is not listening.
Read Start-Up Israel to keep your finger on the pulse of Israeli high-tech and innovation!