[langsec-discuss] Is computation half the story?
david at fetter.org
Fri Mar 27 12:41:38 UTC 2015
Perhaps I'm being naif here, or irrelevant, but it seems like
composition of properties leads immediately to behaviors far beyond
those inherent in any component, assuming the components aren't
already Turing machines. At base, let's imagine a network of two very
simple types of machines, or gates, if you prefer.
The first type takes one input and return its opposite--we can call
those ones NOTs. The second type takes two inputs and returns logical
AND, and for simplicity, we call those ANDs.
As you'll recall from digital logic, NAND is the only gate you need in
order to make anything you want. The idea here is that if you can
combine even the simplest type of machine in sufficient quantity, you
can do just about anything you like.
What have I missed here?
On Fri, Mar 27, 2015 at 05:11:35PM +0530, Sashank Dara wrote:
> Interesting read. Have come across "Emergent Behavior in Cyber Security"
> Not sure if that would help you in some way. But it is an important area of
> On Fri, Mar 27, 2015 at 5:52 AM, Taylor Hornby <havoc at defuse.ca> wrote:
> > I wrote a blog post...
> > https://defuse.ca/how-do-we-model-this-robot.htm
> > ...wherein I make the distinction between a machine's computational
> > abilities (i.e. which languages can it decide?) and a machine's
> > "informational" abilities (i.e. how can the machine influence the
> > outside world? what APIs is it allowed to call?).
> > I chose the the term "informational" for lack of a better word because
> > it is about information entering and exiting the machine, or moving
> > between "parts" of the machine.
> > I concluded the post by claiming computer science has no general theory*
> > of this property. We understand computation well from computability and
> > complexity theory, but "informational" capabilities are only understood
> > through limited models like ACLs, Bell-LaPaudula, noninterference, etc.
> > Those models are properties systems should have in order to be called
> > secure. I'm thinking more along the lines of starting with a given
> > system then quantifying its its "power" and proving theorems about what
> > it can and can't do. Most importantly, relating the power of one given
> > system to another given system.
> > The models we have lack completeness and generality. There is no
> > equivalent to the Church-Turing thesis for informational capabilities.
> > There are no theorems about what happens when we "nest" systems. (Think
> > about questions like: If System B is a process running on System A, is
> > System A free of covert channels if-and-only-if System B is?).
> > So: Am I right about this? Are we really missing half of the picture? Or
> > do the models we have satisfy our needs? Has it been proven that no such
> > theory can exist, or if it did it couldn't be useful?
> > I would appreciate references to the literature.
> > If what I am saying makes any sense at all, I propose we stop thinking
> > of "access control"-type notions as part of information security.
> > Instead, they should be studied as a fundamental part of computer
> > science, in complete generality (not an easy task!).
> > Thanks,
> > - Taylor
> > * By "theory" I mean a general system of knowledge and understanding.
> > Think "theory of evolution", not "theorems."
> > _______________________________________________
> > langsec-discuss mailing list
> > langsec-discuss at mail.langsec.org
> > https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
> langsec-discuss mailing list
> langsec-discuss at mail.langsec.org
David Fetter <david at fetter.org> http://fetter.org/
Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter
Skype: davidfetter XMPP: david.fetter at gmail.com
Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate
More information about the langsec-discuss