美國國防部為『可信賴的系統或元件』所下的定義,是『能夠破壞安全規範的東西』.
乍看之下和直觀完全相反,實則有其操作上的意義.以人為例,一個人被賦予愈高的安全等級,受到愈多的信任,意味此人一旦失能或越軌,對安全的破壞也愈大.
文中的舉例更加透徹.你信任醫生能維護病歷的隱私,表示他能接觸你的病歷,他也有機會將之洩露,不論無心或故意.你用不著信任我,因為我沒有你的病歷.無論我喜不喜歡你,都不會影響你的隱私.反而在制度上,受信賴的醫生,才是有能力傷害你的人.不管你覺得醫生是個好人,或者他是全世界碩果僅存的醫生,你不得不信任.美國防部的定義泯除了個人情感主觀的因素,安全系統由此建立.制度性的「信任」實際上基於「不信任」(註:斜體部份係節譯原文,如有謬誤,作者自負文責)
不由得想起前不久的胡志強事件.台灣社會對形而上的倫理道德大都能琅琅上口,卻缺乏實踐的操作準則.以致於拿病歷當街叫賣的醫師遭千夫所指之際,還能振振有辭地辯駁.空泛的道德標準經常相互扞格,個人隱私和公眾知的權利要如何兼顧?如果沒有禁止醫師洩露病歷的鐵則一條,訴諸醫德的隱私權就只是空話.
至於空洞的政治口號更俯拾皆是,其中經典就是「相信台灣」.具體來說這四個字究竟是什麼意思?誰是台灣?相信什麼?要如何相信起?以及最基本的,為什麼?如何能為「相信台灣」下一個具體的操作型定義?還是不知所云繼而人云亦云,最終讓人偷偷置換成相信某黨、甚至某人.吊詭的是,借用一下美國國防部的定義,這個某黨或某人所佔的,還恰好是為害最大的位置.
註:引文作者Ross Anderson,是「信任運算Trusted Computing」這項新興產業標準的反對者,他的網站`Trusted Computing' Frequently Asked Questions有饒富趣味、不同於業界巨頭的觀點,值得一讀.其實是有翻譯的,我也看過,但在寫作本文時,不知何故連接不上.願意讀中文版的朋友,請自行嘗試英文網頁開頭、選擇Chinese版本的超連結.(補註:連得上了.請按這裡)
引文摘自上述網頁的FAQ24,節錄如下:In the US Department of Defense, a `trusted system or component' is defined as `one which can break the security policy'. This might seem counter-intuitive at first, but just stop to think about it. The mail guard or firewall that stands between a Secret and a Top Secret system can - if it fails - break the security policy that mail should only ever flow from Secret to Top Secret, but never in the other direction. It is therefore trusted to enforce the information flow policy.
Or take a civilian example: suppose you trust your doctor to keep your medical records private. This means that he has access to your records, so he could leak them to the press if he were careless or malicious. You don't trust me to keep your medical records, because I don't have them; regardless of whether I like you or hate you, I can't do anything to affect your policy that your medical records should be confidential. Your doctor can, though; and the fact that he is in a position to harm you is really what is meant (at a system level) when you say that you trust him. You may have a warm feeling about him, or you may just have to trust him because he is the only doctor on the island where you live; no matter, the DoD definition strips away these fuzzy, emotional aspects of `trust' (that can confuse people).
原發表於Jeff & Jill的窩,2006/04/26 12:19:17
沒有留言:
張貼留言