The Security Game


Readers may remember that three or four years ago IBM, in the person of Vin Learson, made a public commitment to data security. Since then the four major projects set up and funded by the company have published their reports - I wrote an innocuous foreword to one volume of the lllinois results. It would be quite feasible for IBM or its competitors to build a great deal more hardware and software security into future systems: into FS, in fact.

Let's speculate how the ads might read . "We believe that during the life of this powerful new family, every customer will have some need for data and system security. Accordingly, all accesses are guarded by hardware and software locks and passwords. All terminals and other peripherals are connected to internal channels via sophisticated scramblers. Data communications are heavily encrypted.

"Valuable and sensitive data will be available only to authorized electronic and human destinations.

"Because this security equipment has been designed into FS from the outset, it reduces throughput and capacity only very slightly. Because it is part of every level of equipment, and not added in only a few places or for select customers, its cost is spread over the entire installed base and is correspondingly low".

And so on - it's not hard to write copy for such a capability. But now look at the new "secure" IBM machines. Each box is scheduled and physically locked up. All password checks and encryption and decryption are done inside, where the plug-to-plug boys can no longer go. Interfaces are not only coded, but run through the middles of several miniscule multilayer chips. No crude hacksaw, no handydandy Cannon plug can intrude.

Physically, a printer or a terminal or a box of add-on memory can be unplugged and a compatible non-lBM substitute connected. But what it gets from the central system will be gibberish - and, needless to say, gibberish that changes at frequent and unpredictable intervals. All the IBM peripherals understand it, stay in step. But the cheap competitive gear is out of touch, substantially deaf and dumb and blind, until somebody works out the new code.

And remember, it could be timedependent. Imagine cracking a safe where the combination was 32 or 64 bits long and changed every few minutes under control of a clock inside the safe!

Yes, there is a real possibility that hardware and software and data will be much more secure in the post-1976, FS era. There is virtual (oh, oh, that word !) certainly that IBM will be more secure. That was $40 million well spent, boys!