[490] in WWW Security List Archive
Re: Barring Bros Was:Re: SLL protocol implementation ?
daemon@ATHENA.MIT.EDU (Phillip M. Hallam-Baker)
Thu Mar 2 06:13:05 1995
To: www-security@ns2.rutgers.edu
cc: hallam@dxal18.cern.ch
In-reply-to: Your message of "Wed, 01 Mar 1995 16:49:10 GMT."
<9503011649.AA25143@plato.ansa.co.uk>
Date: Wed, 01 Mar 1995 19:02:17 +0900
From: "Phillip M. Hallam-Baker" <hallam@dxal18.cern.ch>
Reply-To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
>A "Valid if countersigned" certificate requirement would introduce the
>separation of duty principle but would insert a delay, thus limiting the
>opportunity to make money by predicting share price or exchange rate
>fluctuations.
There are other options. The requirement is to be able to trade very fast in a
no holds barred manner. For this we require contract completion between
principals on an instantaneous basis.
The first point that springs to mind is that the enforcement policy may be built
into the traders computer system. The machine has to be keeping track of
outstanding positions in any case. So if the machine decides that the policy
limit has been hit it stops signing.
The second point is that we are dealing with high integrity systems here we can
place a requirement on the other party to make an audit report of the activity
to some third party which performs the compliance enforcement. This third party
may be specified in the certificate so it need not be the same for every set of
traders. We might even have multiple traders.
so we have a certificate:-
If this identification criteria is satisfied:
> Details of public key, and protocol requirements here <
And
The floor limit of $100,000 is not exceeded [1]
The credit limit of $1,000,000 is not exceeded [2]
The commitment protocol xyz is completed [3]
The transaction is reported within 3 hours [4]
Then
Barrings Bros will pick up the tab
Otherwise
Arrest Nick Leason
Notes:
1) Is enforced by the other party
2) Is enforced by the Barring bros trading terminal
3) Is defined by the stock exchange, ISO or whoever.
4) Here the reporting requirements would be rather more complex since
it is probabky a good idea to incorporate probabailistic components,
and provision must be made for trading in a fast market.
Provided we can guarantee the integity of the trading terminal the liability
with respect to fraud is limited to the floor limits granted. If the operating
policies of the bank permit a single trader to commit more than the worth of the
bank in a single day then there is something seriously wrong in any case.
Note that the attributes would have to be much more comprehensive. They should
permit the types of trade to be specified, selling options is another
complication.
Obviously we cannot solve everybodies problems, that is not our function. We
should give people the tools to do the job themselves. If the financial world
does not know how to describe the risk associated with a finacial instrument
then they probably should not be using them.
It looks as if irregularities may have occured for a period of years. It was the
failure of the management to spot the fraud that was the problem. The allegation
made is that phantom client accounts were created and Barring Bros money traded
through them.
Phill H-B
