Welcome!

Cloud Security Authors: Liz McMillan, Elizabeth White, Yeshim Deniz, Zakia Bouachraoui, Terry Ray

Related Topics: Cloud Security

Cloud Security: Blog Feed Post

Why Passwords Will Remain Relevant: Duress

Duress password expiry is an interesting policy issue

With the continued rise in home-based and mobile working, the possibility of people being forced to access and potentially modify data during encounters with ne’er-do-wells becomes a genuine security issue.

For example, while there haven’t been many cases reported yet, the time will come when the kid lurking in the alley with the switchblade, isn’t just going to want to part you from your smartphone or tablet, but is also going to want to part you from the contents of your bank account, with it. A recent issue of FSTech (http://www.fstech.co.uk/), a UK-based financial services technology magazine, stated that banks are concerned about the lack of uptake of mobile banking solutions; my guess is that the duress situation, is one of the reasons people are averse to doing their banking “on the go”.



There are actually three categories of duress, these being:

  • local: a threat to your person, which will be exercised unless you do what you are told (eg: a gun to your head)
  • divorced: a threat to your family or other people you personally care about (and who are in a different location), which will be exercised unless you do what you are told (eg: a gun to your wife’s head)
  • remote: a threat to individuals unknown to you, which will be carried out unless you do what you are told (eg: a bomb in a populated area).

Taking this into account, it’s possible that a well-designed system which authenticates users based on a username and password would require up to 4 passwords per user – one for legitimate login in a normal situation, and three more, one for each type of duress! All these different categories may be required, as different workflow actions would be desirable based on the nature of the duress; although depending on differences in actions between duress types, some categories may be collapsible. For example: Local duress:

  • log me in, increase the level of user activity logging on my account, start signing logs to ensure evidential integrity (if not done already)
  • take snapshots of databases to which I have access, my home directory, etc, such that activities I perform can be rolled back
  • alert security or law enforcement personnel as to my location and the fact I’m in peril, request their intervention

Divorced duress:

  • log me in, increase the level of user activity logging on my account, start signing logs to ensure evidential integrity (if not done already)
  • take snapshots of databases to which I have access, my home directory, etc, such that activities I perform can be rolled back
  • alert security or law enforcement personnel to my location and the fact that folk I care about are in peril, ensure appropriate authorities are informed, but remain on standby

Remote duress:

  • log me in, increase level of user activity logging on my account, start signing logs if not done already
  • start backups / snapshots of databases to which I have access, my home directory, etc, such that activities I perform can be rolled back
  • alert security or law enforcement personnel to the fact that there is a threat to some remote location which can’t be disclosed right now, ensure appropriate authorities are informed, and remain on standby

…or whatever is considered appropriate for the situation, by organisational policy; in the case of a bank being alerted of a duress situation by a customer, transactions between institutions across the SWIFT network would need to be flagged as being allowed to proceed, but in such a manner that they could be reversed once the situation is resolved. While tokens, biometrics etc can all be employed to authenticate individuals to systems, only a password – or some other secret known only to the legitimate user, such as an order in which to press fingers to a biometric reader or a PIN to type into a token – can be substituted for an equivalent but different password to indicate duress, in a manner which cannot be observed and identified by whomever is present and causing the duress. In this respect, in a classic “defence in depth” approach to security, a duress password is “the last line of defence” available to an imperiled user. With access to data and services now being available to a typical individual anywhere there is a 3G signal, the likelihood of users finding themselves under duress at times when they have the ability to connect to systems and engage in transactions will only increase. In terms of implementation, there are three primary places where changes would need to be made in order to implement a duress system:

  1. The user directory schema would need to be extended to include duress passwords
  2. the authentication system itself would need to be extended to support entry and change of duress passwords, as well as requiring a command / control interface to the user transaction systems in order to implement logging and snapshot / rollback changes as required
  3. an out of band alerting system will need to be either installed or updated, to meaningfully communicate duress details

Duress password expiry is an interesting policy issue; I would expect a password would only be required to be changed after use if at all, as its use will hopefully be a very rare event indeed.

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder of Crucial Point and publisher of CTOvision.com

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Data analytics and deep data correlation across different threat types, it is possible to gain a better understanding of where, how and to what level of danger a malicious actor poses to an organization, and to determin...
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in development and launches of disruptive technologies to create new market opportunities as well as enhance enterprise product portfolios with emerging technologies. His most recent venture was Octoblu, a cross-protocol Internet of Things (IoT) mesh network platform, acquired by Citrix. Prior to co-founding Octoblu, Chris was founder of Nodester, an open-source Node.JS PaaS which was acquired by AppFog and ...
The Founder of NostaLab and a member of the Google Health Advisory Board, John is a unique combination of strategic thinker, marketer and entrepreneur. His career was built on the "science of advertising" combining strategy, creativity and marketing for industry-leading results. Combined with his ability to communicate complicated scientific concepts in a way that consumers and scientists alike can appreciate, John is a sought-after speaker for conferences on the forefront of healthcare science,...