"Let's be bad guys"
Jul. 23rd, 2010 12:37 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
morslaI'm working on a "virtual safe" project at work - finding out the legal implications of having electronic versions of your important documents stored online by a third-party service provider. Some documents (watermarked birth certificates, etc) can't readily be digitised; some are easy (account numbers and share certificates), and some are a bit tricky (wills).
Let's say that you have a legal will document, duly witnessed and authorised. You scan it, save it as a PDF, and place it in your online safe, alongside things like identity documents, titles and deeds for property and shares, and whatever else needs to be kept secure. The next summer, a bushfire destroys your town, including your home, your physical documents, your computer, and yourself. Your next of kin want to settle your estate...
Hopefully you told someone that you were making a will, and where you were keeping it.
Then, they need to get access to it. They might know your password, have a login of their own, or persuade the service provider to open up the account. Maybe it takes a court order to do this, or maybe they'll accept a stat dec. In theory, they go into the account, find the document labelled "will," check that it's the most recent version available, and start the process of resolving your estate the way you wanted.
What I'm interested in at the moment: putting on your bad guy hat, how would you break this system? What are the obvious flaws and weaknesses? How do you make sure the right people can access it, while preventing the wrong ones from doing so?
- How does the service provider stop unauthorised access?
- How can people legitimately gain access if you're not able to give permission?
- What about access by legitimate people, but for the wrong purposes? (spying on what's in the will)
- Improper use of documents in the safe (identity theft, fraud)
- How secure is the password and encryption? (technical elements)
- What's the process for gaining/changing access? (human elements)
What questions and ideas sping to mind for you?
Let's say that you have a legal will document, duly witnessed and authorised. You scan it, save it as a PDF, and place it in your online safe, alongside things like identity documents, titles and deeds for property and shares, and whatever else needs to be kept secure. The next summer, a bushfire destroys your town, including your home, your physical documents, your computer, and yourself. Your next of kin want to settle your estate...
Hopefully you told someone that you were making a will, and where you were keeping it.
Then, they need to get access to it. They might know your password, have a login of their own, or persuade the service provider to open up the account. Maybe it takes a court order to do this, or maybe they'll accept a stat dec. In theory, they go into the account, find the document labelled "will," check that it's the most recent version available, and start the process of resolving your estate the way you wanted.
What I'm interested in at the moment: putting on your bad guy hat, how would you break this system? What are the obvious flaws and weaknesses? How do you make sure the right people can access it, while preventing the wrong ones from doing so?
- How does the service provider stop unauthorised access?
- How can people legitimately gain access if you're not able to give permission?
- What about access by legitimate people, but for the wrong purposes? (spying on what's in the will)
- Improper use of documents in the safe (identity theft, fraud)
- How secure is the password and encryption? (technical elements)
- What's the process for gaining/changing access? (human elements)
What questions and ideas sping to mind for you?
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2010-07-23 05:25 am (UTC)It's based in Switzerland, which gives it some interesting legal protection: insulating it from the rest of the world. It's also designed to be very secure: regardless of court orders, if the designated successors don't have their access details (or backups), then the encrypted data will never be recovered.
So far we've been looking at Australian services (so local courts can assist relatives), from the perspective of wanting to allow legitimate access. Cory's post takes an interesting perspective, trying to remove any possibility of unauthorised access instead.