| 4.4 Access
01. Privileged Administration | |
|---|
| 4.4.01. Privileged Administration: | | 1. Privileged procedures must be treated with very high levels of due diligence to protect the parties involved. | | 2. As a policy, at least three approved people must cooperate together in real-time using their approved computer on an approved network to sanction any procedure that accesses sensitive data. No one person can access any sensitive business data. Tier-3 is the name of the type of support request used by at least three approved people to effect an administrative change to sensitive data. |
| Threat Analysis: | | 1. Every company with a System Administrator has appointed a single point of failure that will be attacked and will eventually fail. | | 2. As a policy, no System Administrator role exists or needs to exist because System Administrators are put at risk by criminals and state sponsored agents who imagine that System Administrators and their families can be attacked to disclose data. | | 3. As a policy, no privileged roles exist that could cause a person and their family to be put in harms way of criminals threatening violence in return for a copy of business data. | | 4. As a policy, no super-user roles exist that could cause a person and their family to be put in harms way. | | 5. It is suspected that no criminal could impersonate three approved people using their own approved computers on approved networks at the same time. It is suspected that no criminal could imagine how a Tier-3 support request could be fashioned to cause sensitive data to be accessed and changed. | | 6. No one person and their family must ever be placed in harms way by granting them access rights to any business data that is not excessively encrypted. Criminals can make off with a child and then trade that child for valuable business data including intellectual property rights. |
| Privileged Administration Procedure: | | 1. An approved person will be authenticated using their approved computer on a approved network. The person will create a new Tier-3 suport request that identifies the scope of the administrative procedure that needs to be undertaken. | | 2. Other approved people in other places using their approved computer on an approved network will be notified of the Tier-3 support request as it is created. At least two other approved people must add their approval to the Tier-3 within the same hour. | | 3. When all three approved people agree, then Eliza shall carry out the Tier-3 procedure while all three approved people monitor the action. Eliza has access to the Bastion server in each data center that may access other servers that are not connected to the Internet. In a string of supply chain approvals, any administration procedure can be applied under the control of at least three people in three places. |
| Excessive Encryption: | | 1. All business data is encrypted using many layers with different methods to the point where no one person knows what encryption has been applied to any field, table, database, folder or partition. | | 2. A very large number of encrypted keys are encrypted and stored in many locations so no one person knows where the key are and how they are encrypted and where they may be used. | | 3. Security is based on the elimination of people from the process and the adoption of artificial intelligence that can copy with excessive levels of knowledge that are beyond the scope of any one person. | | 4. As a policy, if a state sponsored agent gained physical access to a rack of servers in a data center, it is certain that all business data is stored in a way that is meaningless and worthless. | | 5. Agencies with the most powerful computers in the world may devote many months of processing time in an attempt to brute-force decryption, but certain pseudonymisation encryption methods cannot be decrypted using massive processing power. Where business data is hidden inside photographs and video streams, no amount of processing time will be able to deduce where the data is. Where encrypted data is encrypted using different methods, then by cracking one layer of encryption, the result is just a meaningless string that is input to the next layer of encryption. | | 6. Agencies may be geared up to decrypt (email) messages, but they are not skilled in decrypting specific field values inside an encrypted record inside an encrypted database. In fact, the lack of encryption research papers on the matter of field level decryption may indicate that it is not viable. | | 7. Not all data is encrypted; a lot of data such as guide pages are simply hidden and stored in a way that a criminal is likely to overlook. |
| System Administration: | | 1. The threat to the health of System Administrators is so great that many years of work was undertaken to eliminate the role. Part of the result was the teaching of Eliza as the Artificial Intelligent Assistant that can do all the jobs that were once done by a System Administrator. | | 2. A primary System Administration procedure is patch management - a job that has not evolved for the last 20 years in most organisations, but a job that can be totally automated. When a patch is identified to be applied to a specific server, then a Tier-3 support request is raised by an Engineer. Other Engineers will verify the scope and applicability before adding their approval within the hour. At the scheduled time and when the server is not in production mode, Eliza will pass the patch via a Bastion server to the specific server that is then patched and restarted. | | 3. Patching is scheduled for data centers that are not in production mode and then production mode is switched to other data centers so any unpatched server can be patched. Eliza has been taught the skills to carry out these procedures while Engineers monitor the actions. | | 4. Configuring a new database, adding tables and reconfiguring existing tables are procedures that Eliza will undertake when scheduled with a Tier-3 support request with three approvals. Evidence of who did what is recorded as Tier-3 support requests, so a complete evidence chain is always available with the names of the people who made the approvals. | | 5. Application programs have been replaced with knowledge engineering that is supported with online data entry capabilities so no administration is needed. Business rules can be maintained in real-time without any system administration. Encryption key management can be maintained in real-time without any system administration. By not using application programs, malware that appears as an application program has no place to execute. | | 6. Access control of user accounts have been replaced with CRM services that support any number of tenant owners in any number of locations with any number of approved people. CRM services can be maintained in real-time without any system administration. |
| Sensitive Data: | | 1. System software is the primary sensitive data that must be protected from unauthorised change. Patch Management is the primary procedure used by Eliza with a Tier-3 request to keep system software up to date. | | 2. System software includes configuration and definition files that are also sensitive protected data. Database Management is the primary procedure used by Eliza with a Tier-3 request to keep this up to date. The evolution from SQL to NOSQL has seen an increase in the number of protected definition files. | | 3. System software includes Eliza as the artificial intelligent assistant that monitors everything and does everything. Patch Management is the primary procedure used by Eliza with a Tier-3 request to keep Eliza up to date - self-managed. | | 4. Eliza includes a mountain of encryption methods and keys that are applied to everything that needs to be protected. Encryption Management is the primary procedure used by Eliza with a Tier-3 request to keep adding large numbers of encryption methods and keys. | | 5. Encrypted business data is sensitive data that can only be accessed by Eliza - it is meaningless and worthless to anybody else. Access Control is the primary procedure used by Eliza to grant an approved person access to a piece of business data. | | 5. Encrypted business data has a documented life cycle that is managed by Eliza and destroyed when the business data has exceeded its life cycle. No person can sanction the destruction of business data other than by changing its documented life cycle. |
| Commissioning: | | 1. When a new data center is commissioned, it has a lot of sensitive data but no business data. Encrypted business data will be replicated to the new data center as a normal part of the replication control service. | | 2. Within every 25 months a data center must be de-commissioned and all hardware re-cycled. | | All encrypted business data is physically destroyed at the start of the de-commissioning procedure. | | All knowledge rules are physically destroyed at the start of the de-commissioning procedure. | | 3. Machines tend to be downgraded to service other kinds of web site as they get older. | | Increased numbers of redundant web and application servers are configured where the machines are older. | | Some Dell web servers that were first commissioned in 1998 are still fully operational in 2017, notwithstanding in a parallel cluser with many other web servers. |
| Document Control: | | 1. Document Title: Privileged Administration. | | 2. Reference: 164401. | | 3. Keywords: Privileged Administration. | | 4. Description: Privileged Administration without System Administration and without privileged accounts. | | 5. Privacy: Public education service as a benefit to humanity. | | 6. Issued: 13 Feb 2017. | | 7. Edition: 2.2. |
|
|