Platt Perspective on Business and Technology

Online social networking and community when machines think – securing flexible systems against threats

Posted in business and convergent technologies by Timothy Platt on May 13, 2010

This is my fifth posting to date on the topic of intelligent network infrastructure and on how this is coming to change the nature of online social networking and community, business and the online experience in general. I began this series with discussion of machine intelligence and the Turing test and continued that with a second installment following through on this foundational topic. I then turned to examine two specific test cases with a posting on next generation electrical power grids and a posting on financial instruments trading and exchanges. Both of these focused on SCADA (Supervisory Control And Data Acquisition) systems as a basic network design paradigm, though that is only one of a number of possible approaches to developing intelligent network infrastructures.

These case study examples were selected both for the opportunity they offer for developing more effective, responsive systems through development of intelligent infrastructure, and for their demonstrated potential for things to go wrong as they are now organized in their current dumb network forms. I focused in earlier postings on the positive potential for smart networks and turn in this posting to look at a fuller perspective where intelligent network infrastructures might create new and emerging opportunities but also create new and emerging challenges and potential vulnerabilities.

Intelligent infrastructure-based systems are by their very nature flexible and more open-ended than any simple deterministic rules based system. A simple system that only supports one or a few very specific alternative paths of valid and acceptable data submission and interaction primarily just needs to be monitored and managed to the level of keeping data exchanges within the close, known and foreseeable parameters that those interactions would specify. So to offer a very specific example, if an online registration form has a field for entering zip codes or other postal codes and the form also offers a field for selecting registrant country from a pull-down menu, then selecting United States as country might invoke application of rules-based processes that limit acceptable postal code data entered to five digit numbers, or five plus four and with and without a hyphen or space but with that only allowed after the fifth digit entered and before the sixth. Entering Canada or the UK as country instead would cause a switch in the rules applied for specifying valid postal codes to allow for a different set of acceptable combinations of characters with both letters and numbers and with a string length of six characters required for an acceptable complete response. Then only specific rules-based orders of letter and number combinations would be allowed to complete this example.

The point here is that while this type of rules-based system can get complex in its details it is still fully deterministic with every possible acceptable data input stream conforming to a single overall predetermined axiomatic system of rules. These systems can be represented by a closed and all-inclusive algorithmic system. When allowance has to be made for flexibility and even learning on the part of underlying hardware and software infrastructure, this simplicity is lost. Different approaches have to be used to manage quality assurance and to mitigate against transaction failures that go beyond just checking for possible rules infractions like SQL injection and buffer overflow problems – problems where all inputs and internal data processing can be validated against a single predetermined standard for all allowed data input.

When valid data flow carries with it the indeterminacy that would come with passing any realistic version of a Turing test, any monitoring and validation of data input is going to have to include nondeterministic and stochastic elements too.

It is not that the core issues and problems in software development that address the vulnerabilities of dumb networks will go away. The top ten list of development vulnerabilities that is maintained by The Open Web Application Security Project (OWASP) has several entries of very long standing and they will, I am sure, continue to recur. It is that whole new layers of potential vulnerability will be added that standard deterministic rules-based testing systems will not necessarily catch.

A combination of deterministic rules-based and fuzzy logic pattern recognition testing will be required and that will have to in a fundamental sense mirror the underlying logic of the Turing test-positive system under review. This will in practice mean building and tracing activity through a simulation model of the smart network with its complex of changing rules to find places where logical inconsistencies and other emergent vulnerabilities can arise.

This is in a fundamental sense a posting that is coming out prematurely in that we are still just coming to understand what an intelligent infrastructure is. But this is also a timely posting insofar as we need to build these systems with a built in from the foundations awareness of their potential vulnerabilities. And that means limiting simple breakdowns and it also means identifying possible areas where these systems could be attacked.

In the balance of this posting I am going to propose two basic approaches to vulnerability, and both are based on a core concept that I first touched upon in my second posting in this series. Turing test-positive, intelligent infrastructures would have both top-down and bottom up connectivity and organizational requirements. An attack focusing on either side of this organizational system that had the effect of degrading a connected, intelligent infrastructure network into a badly connected jumble of dumb networks would be a successful attack against that system as a smart network. To cite the two case study examples I touched on in my third and fourth postings:

• Any attack on a smart, intelligent infrastructure electrical power grid that had the effect of degrading it to the status of our current connected but uncoordinated system with its potential for regional disruptions would be an attack at the level under discussion here.
• Any attack on an intelligent infrastructure, broad based financial trading system that degraded it to the level where we were again vulnerable to the types of disruption we currently see would be a successful attack at this level. I note in this example that last week’s drop through the floor in the stock market for that 15 minutes appears to have started with massive volume sell orders coming from a single, specific trader in a single, specific exchange that had the effect of decoupling the meshing of sellers and buyers and that caused massive, spiraling revaluation of investments based on apparent loss of support for them.

In principle, such a disruption could be bottom-up with disruption through conventional approaches (e.g. denial of service, etc) to disrupt connectivity. Such a disruption could also be top-down and be based on a direct attack on overall executive organizational capabilities – the capacity to identify and resolve apparent conflicts and inconsistencies as they develop in different but connected parts of the overall system.

I am going to look in a bit more detail at both of these approaches in the next posting in this series, and at possible approaches to limit these vulnerabilities.

One Response

Subscribe to comments with RSS.

  1. […] article and I certainly remember its follow-through. At the end of part five in this series: Online Social Networking and Community When Machines Think – securing flexible systems against thr…, I said that I would follow through in this next installment with a more in-depth look at some of […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: