THE DESIGN PRINCIPLES FOR SECURE STORAGE.
- 15 sep, 2022
The essence of security is predictability. The more predictable a system, the more secure you feel interacting with it.
Personal computers generally have the capability of arbitrary computation. This is because their hardware and software are designed as such. The processor on a personal computer uses general-purpose memory; on this processor runs a general-purpose OS, and on top of that OS the user runs programs made with general-purpose programming languages. That is, the modern personal computer is, from a predictability standpoint, unpredictable.
This is fundamentally why a modern personal computer cannot be secure. The designer of the system must consider all possible attack vectors of the computing system, but since the system is arbitrarily general purpose, taking into account all possible attack vectors is a futile effort.
Thus, the designer lives with this fact and deals with security exploits as they come into play, with some collateral damage being acceptable.
As digital systems become ubiquitous in our lives, this collateral damage is unacceptable. It is necessary to have a computing device which prioritizes security above all else.
It must have memory which prioritizes predictable access, an operating system which runs with predictable behavior and on top of which a limited set of instructions can execute. Such a system can be predictable and hence secure.
From this perspective we have the advent of personal security devices, devices like the Ronyn Vault. Such a device has no use alone, but combined with a general-purpose computing system, we begin to approach an optimal solution, a hybrid solution.
One device provides secure, predictable behavior and the other provides general computing convenience. The future of security lies in specialized hardware.