Difference between revisions of "Exceptional Access"
From MgmtWiki
(→Problems) |
(→Problems) |
||
| Line 10: | Line 10: | ||
#User health information is widely regarded as containing many secrets that users should be able to protect from release to anyone without their consent. However, if the user is laying comatose at the scene of some major trauma, such concerns take second place to protecting the user's life. The absence of user consent must not be a hindrance to the overriding interest in protection of life itself. | #User health information is widely regarded as containing many secrets that users should be able to protect from release to anyone without their consent. However, if the user is laying comatose at the scene of some major trauma, such concerns take second place to protecting the user's life. The absence of user consent must not be a hindrance to the overriding interest in protection of life itself. | ||
#Legitimate governmental secrets | #Legitimate governmental secrets | ||
| + | *As of early 2019 there was nearly universal belief that it was not possible to design a secret protect scheme with a "brake the glass" mechanism that would not be misused. | ||
==Solutions== | ==Solutions== | ||
Revision as of 15:03, 18 April 2019
Full Title or Meme
Good Public Key Cryptography is dependent on the absolute protection of the Private Key Component of the public/private key pair. But it turns out in most cases that are is good reason to allow Exceptional Access to data protected by the key.
Context
Ever since strong cryptographic encryption technologies were created, shortly after computers become common, there have been governmental agencies that have worried that their lack of access to private data, under the existing rule of law, was a threat to the security of the Common Good that they are charged with protecting.
Problems
- After the spectacular failure of skip-jack, the industry has been able to keep most governments at bay in their attempt to gain access to user's secret information.
- There are many reason why secret protections almost always need some sort of "brake the glass" mechanism to activate an alarum on solve a security problem.
- User health information is widely regarded as containing many secrets that users should be able to protect from release to anyone without their consent. However, if the user is laying comatose at the scene of some major trauma, such concerns take second place to protecting the user's life. The absence of user consent must not be a hindrance to the overriding interest in protection of life itself.
- Legitimate governmental secrets
- As of early 2019 there was nearly universal belief that it was not possible to design a secret protect scheme with a "brake the glass" mechanism that would not be misused.
