Finding The Hidden InfoSec Story

Getting Airport Security Right

Photo Credit: andertho via Compfight cc

The recent tightening of airport security for flights to the USA brings to mind the balance that has to be struck between usability and security, and is a theme that spills over from the physical security world to the digital security world.

Think of an airport like a computer system.

It processes streams of data (us passengers); it puts the data into a buffer (makes us queue); it inspects content at the firewalls (check-in is the port check , with 443 as the business class, and packet inspection is through the X-ray machine and body search); the router sends data to its destination (departure gate); and then squirts the data streams down the network (puts us on a flight). Fortunately the computer doesn’t usually lose your baggage.

But one of the main functions of an airport is security – In the case of an airport the system is looking for a terrorist, in the case of a computer network for malicious code or viruses.

In the airport the passenger also has their role to play. Before entering the airport they must seek out especially small (and expensive) versions of toothpaste; they must carry proof of their identity and prepare to undress; and to be searched, swabbed and questioned. They need a boarding pass, a frequent flyer card and to produce these at many different points in their journey through the airport. And they must now manage the battery life of their phones, laptops and other electronic devices. The consequences of failure to do so are high – a dead battery may now mean a lost iPAD.

However, to many people, the airport experience is now more of an endurance trial than the glamorous travel experience of yesteryear.

So is the digital security experience any better? In theory – yes; we ask for identity, but then we provide federated services; we inspect packets in the background; and we certainly do not demand that that users undress or place liquids in a small see-through bag.

Yet the perception is often no; and whilst we hold more computing power in our hand than powered the Apollo space programme, the reward that the digital world offers is not sufficient to outweigh the pain, whereas – sitting on the beach with a drink in hand – anything can be forgiven.

Author: Andy Jones

Share This Post On