1 Interconnected Trends
There are at least five trends that, when considered together, have the potential to shift how information security is managed today, for the better. Each trend has some inevitable outcomes, as well as interdependencies with the other trends, that are rarely examined side by side; doing so makes it easier to map out a forward path. The trends include:
- increased deployment of encryption,
- strong session encryption, preventing interception,
- transport protocol stack evolution,
- data-centric security models, and
- user control of data.
While much work is happening within each trend, these trends are not typically all considered together. To realize positive change and reduce the overall threat space, it is imperative that we do just that. This chapter will explore each of the trends and how they interconnect, setting the stage for the proposed changes and the deeper technical considerations discussed in the book as the trends are embraced. The increased deployment of strong encryption supports data-centric architectures and is contributing to the transport protocol stack evolution. User control of data is a desired outcome for those looking to protect users' privacy; however, work to support this trend is at an early stage. A general theme of the book is that information security, as it is architected today, cannot be managed with the resources available; the chapters that follow explain how embracing these trends and new architectural patterns improves efficiency and reduces resource requirements.
1.1 Increased Deployment of Encryption
While the Snowden revelations (Gidda, 2013) starting in June 2013 led to an immediate increase in deployed session encryption, trends in standards development also shifted. The fundamental shift in standards was driven by the acceptance of less-than-perfect security in favor of deployability, leading to a sharper increase in deployed encryption starting around 2017. Examples of this include Opportunistic Security (Dukhovni, 2014) and the Internet Engineering Task Force (IETF) Automated Certificate Management Environment (ACME) (Internet Engineering Task Force, 2020h). Opportunistic security enables an upgrade path from clear text sessions, to sessions encrypted without authentication, to authenticated session encryption. It is important to note that opportunistic security is breakable, but it allows for easy automated configuration without prior knowledge of the other endpoint. Prior to this shift, such efforts would not have gone anywhere, since an unauthenticated session can be intercepted by an active attacker, leaving you with no security against that attacker. From a purist point of view, that was not acceptable in the past, but now there is a justification: opportunistic security raises the cost of pervasive monitoring, making it infeasible to monitor all sessions passively. If nation states or malicious actors want to monitor traffic in this model, specific sessions would have to be targeted for decryption and observation.
While we haven't seen much deployment of opportunistic security outside of its use with IPsec (Internet Engineering Task Force, 2020d), automated certificate management is enjoying huge success via the Let's Encrypt project. Sessions not previously encrypted have used ACME via Let's Encrypt to automate the management of certificates, improving privacy protections for end users. While Let's Encrypt offers certificates for free, the ACME protocol can be used by other certificate providers who are interested in automating the maintenance of certificates, including any type of certificate. An out-of-band process may still be required for identity proofing of individuals and organizations for Extended Validation (EV) certificates or other certificate types. If you are not already using ACME, it should be considered as a way to ease certificate management and say goodbye to the days when an expiring certificate caused extensive server outages without anyone realizing the root cause. Now, with automation, needless downtime due to certificate management problems can be avoided.
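Even with ACME handling renewals, operators still want an independent check that no certificate is drifting toward expiry (a broken renewal hook fails silently until the outage). The following expiry audit is an added example written for this chapter; it is not code from the book, from Let's Encrypt, or from any ACME client. It works on the dictionary shape that Python's standard-library `ssl.SSLSocket.getpeercert()` returns, using constructed sample certificates with made-up hostnames and dates, and the 30-day renewal window is an assumption that should be aligned with your own ACME client's configuration.

```python
import socket
import ssl
from datetime import datetime, timezone

# Constructed sample certificates in the dictionary shape that
# ssl.SSLSocket.getpeercert() returns (only the fields used here).
# Hostnames and validity dates are made up for illustration.
SAMPLE_PEER_CERTS = {
    "web-a.example.test": {
        "subject": ((("commonName", "web-a.example.test"),),),
        "notBefore": "Jan  1 00:00:00 2024 GMT",
        "notAfter": "Mar 31 00:00:00 2024 GMT",
    },
    "web-b.example.test": {
        "subject": ((("commonName", "web-b.example.test"),),),
        "notBefore": "Feb 15 00:00:00 2024 GMT",
        "notAfter": "May 15 00:00:00 2024 GMT",
    },
    "web-c.example.test": {
        "subject": ((("commonName", "web-c.example.test"),),),
        "notBefore": "Oct  1 00:00:00 2023 GMT",
        "notAfter": "Dec 30 00:00:00 2023 GMT",
    },
}

# Renewal window (assumption): Let's Encrypt issues 90-day certificates and
# its clients conventionally renew with about 30 days left, so anything inside
# that window that has not renewed yet deserves an alert.
RENEW_WITHIN_DAYS = 30

# Frozen clock (2024-03-01 00:00 UTC) so the constructed sample is reproducible.
FROZEN_NOW = datetime(2024, 3, 1, tzinfo=timezone.utc).timestamp()


def days_until_expiry(cert, now=None):
    """Days (float) until the certificate's notAfter; negative once expired."""
    now_ts = now if now is not None else datetime.now(timezone.utc).timestamp()
    # ssl.cert_time_to_seconds parses the "Mon DD HH:MM:SS YYYY GMT" form used
    # in getpeercert() output and returns seconds since the epoch, in UTC.
    not_after_ts = ssl.cert_time_to_seconds(cert["notAfter"])
    return (not_after_ts - now_ts) / 86400.0


def classify(cert, now=None, renew_within=RENEW_WITHIN_DAYS):
    """Return 'expired', 'renew' (inside the renewal window), or 'ok'."""
    remaining = days_until_expiry(cert, now)
    if remaining < 0:
        return "expired"
    if remaining <= renew_within:
        return "renew"
    return "ok"


def audit(certs, now=None, renew_within=RENEW_WITHIN_DAYS):
    """Map each hostname to its status; 'renew' and 'expired' are the alerts."""
    return {host: classify(cert, now, renew_within) for host, cert in certs.items()}


def fetch_peer_cert(host, port=443, timeout=5.0):
    """Fetch a live server's certificate with full chain and hostname verification.

    Not exercised by the offline sample; plug its result into classify()/audit().
    """
    context = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with context.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    for host, status in audit(SAMPLE_PEER_CERTS, now=FROZEN_NOW).items():
        days = days_until_expiry(SAMPLE_PEER_CERTS[host], FROZEN_NOW)
        print(f"{host:24} {status:8} {days:7.1f} days left")
```

Run against the sample, `web-a` lands exactly on the 30-day boundary and is flagged for renewal, `web-b` still has 75 days, and `web-c` expired two months earlier; in production you would feed `fetch_peer_cert()` results for each served hostname into `audit()` from a scheduled job and page on anything other than `ok`.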
The initial increase of deployed encryption on the web rose to around 30% in 2014, the year following the Snowden revelations. ACME's automation and free certificates from the Let's Encrypt project helped that number climb to 85% in 2020 (Let's Encrypt, 2020) (Fig. 1.1).
Fig. 1.1. Percentage of Page Loads Over HTTPS by Region. Source: https://letsencrypt.org/stats/
This trend of pervasive encryption will continue now that session encryption is easier to deploy and there is ample motivation.
1.2 Strong Encryption
End user privacy, human rights protections, and prevention of protocol ossification are the primary drivers for the trend of strengthening transport protocol encryption. Encryption is being designed to prevent interception and to limit the exposure of metadata that earlier protocol versions left in the clear. When considering end user privacy, it is not only session content that can reveal sensitive information, but also metadata. Metadata and session signaling information may enable tracking of user sessions across the network through any identifier, or any combination of unique data, that can identify the communicating parties.