Communications security
Jump to navigation
Jump to search
This page documents work that has been done to formulate a good description of OLPC's goals in the field of communications security. To this end, we will begin with some paraphrases and quotes from Bitfrost that seem appropriate, then offer a subdivision of the term "communications security" into more primitive notions, and finally, we will present and reflect on some simple use cases.
Reflections from Bitfrost
- ...the intent of our complete software security model is that it "tries to prevent software from doing bad things": e.g., attempt to damage the
machine, compromise the user's privacy, damage the user's information, do "bad things" to people other than the machine's user, and lastly, impersonate the user
- there's no trust mapping between people and software: trusting a friend isn't, and cannot be, the same as trusting code coming from that friend
- the security of the laptop cannot depend on the user's ability to remember a password (though passwords may be used by more advanced users)
- authentication of laptops or users will not depend upon identifiers that are sent unencrypted over the network
- ...users will be identified... without a certified chain of trust
Security Properties of Communications
"Secure communications" can be thought of in terms of
- the logical security of communications channels (e.g. can I forge messages, read confidential messages, perform traffic analysis, ...),
- the isolation properties of the network/node interface, and
- the physical security of a human carrying a networked laptop (e.g. can the laptop be physically located by analyzing its communications).