Optimizing the Empire: Best Practices in Galactic Security
Growing up as an original trilogy fan, I never imagined as an adult that I’d be writing about “Star Wars” in anticipation of another brand-new film being released. My excitement around the cinematic rebirth of a franchise that means so much to so many got me thinking about “The Force Awakens” and the parallels between it and the original trilogy.
One thing that came to mind was that the Empire, for all its power and influence, keeps making the same mistakes. This is most evident in its security practices.
When I look at it from a digital marketing standpoint, the Empire ... I mean the First Order (after an obvious rebranding exercise) is in desperate need of a post-mortem after the destruction of the Starkiller Base. What should have been a vast improvement on the previous model of planet-eliminating weaponry was infiltrated and destroyed in much the same way.
The very definition of insanity is doing the same thing over and over and expecting a different result. It’s also poor business practice. It’s time for the dark side to upgrade and take full advantage of their technology landscape.
(There are so many more examples, going all the way back to the first Death Star, but for the sake of brevity, let’s focus on the First Order.)
Simple Roles and Permissions
There are clearly different ranks within the First Order along with different roles. It stands to reason that much like modern military organizations, there are a number of combat roles and administrative roles.
Although a stormtrooper might have a dual function as a soldier and as a sanitation worker, they should have had limited access to certain areas of the Starkiller Base.
Were there some kind of specialized cleaning needs for the main oscillator?
Also, how did he know exactly where it was? Why was he able to access any part of the base he wanted, whenever he wanted?
System isolation is another way the First Order could have better secured the Starkiller Base. Permissions and user accounts should not transfer from one system to another.
Even with SSO in place, logging in once should only establish who you are; each system still decides what you may do, and administrator rights in one of them should not carry over to the rest. All of the systems and their underlying permissions should remain isolated. Instead, it seems that every access level, from maintenance worker up to general or admiral, ends up with the same access everywhere.
It also seems that the First Order has a poorly defined termination process. Finn -- or FN-2187, as he was called while employed by the First Order -- appears to use his old credentials to access the Starkiller Base.
Unless all codes are the same (which is another terrible security practice), his should have been deactivated the moment he defected. His still-valid credentials also got Han Solo and Chewbacca into the base via a practice called “piggybacking” (also known as tailgating): following a credentialed person through a door into a restricted area, so that one swipe admits several people.
Since this most basic principle was not implemented in the physical space, it is possible, even likely, given other events in the movie, that it wasn't done digitally either.
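Here is how those three controls (permissions scoped per system, immediate deprovisioning, and catching piggybacking in the badge log) look in code. This is an added example written for this post, not anything from the films or an actual access-control product; the roles, zones, badge IDs other than FN-2187, and the badge log lines are all constructed for the demo.

```python
"""Role-based access with per-system permissions, immediate deprovisioning,
and an audit pass that catches revoked credentials and piggybacking.

Added illustration; the roles, zones, badge IDs (other than FN-2187, which the
post mentions) and the badge log are constructed for this example."""
from dataclasses import dataclass, field

# Each system owns its own permission table. A role in one system grants
# nothing in another: a general who can fire the weapon cannot, by that fact
# alone, open the main oscillator door.
PERMISSIONS = {
    "doors": {
        "trooper": {"barracks", "hangar"},
        "sanitation": {"barracks", "hangar", "refuse-processing"},
        "oscillator-engineer": {"hangar", "main-oscillator"},
        "general": {"barracks", "hangar", "command-deck"},
    },
    "targeting": {
        "general": {"target-queue:read", "target-queue:fire"},
        "weapons-officer": {"target-queue:read", "target-queue:fire"},
    },
}


@dataclass
class Account:
    badge_id: str
    roles: dict = field(default_factory=dict)  # system -> set of role names
    active: bool = True


class AccessControl:
    def __init__(self):
        self.accounts = {}

    def provision(self, badge_id, roles):
        self.accounts[badge_id] = Account(badge_id, {s: set(r) for s, r in roles.items()})

    def deprovision(self, badge_id):
        """Defection or termination: disable at once, keep the record for audit."""
        self.accounts[badge_id].active = False

    def is_allowed(self, system, badge_id, resource):
        acct = self.accounts.get(badge_id)
        if acct is None or not acct.active:
            return False  # unknown or revoked credential: deny, whatever the role was
        roles = acct.roles.get(system, set())
        table = PERMISSIONS.get(system, {})
        return any(resource in table.get(role, set()) for role in roles)


def audit(ac, events):
    """Replay door-controller events against policy.

    Each event is (timestamp, zone, badge_id, persons_counted), where
    persons_counted comes from a turnstile or occupancy sensor. More than one
    body per swipe means someone piggybacked on a credentialed person."""
    findings = []
    for ts, zone, badge, persons in events:
        acct = ac.accounts.get(badge)
        if acct is None or not acct.active:
            findings.append((ts, badge, zone, "revoked-or-unknown-credential"))
        elif not ac.is_allowed("doors", badge, zone):
            findings.append((ts, badge, zone, "outside-role-permissions"))
        if persons > 1:
            findings.append((ts, badge, zone, "piggybacking:%d-extra" % (persons - 1)))
    return findings


def build_demo():
    ac = AccessControl()
    ac.provision("FN-2187", {"doors": ["trooper", "sanitation"]})
    ac.provision("FN-2199", {"doors": ["trooper"]})
    ac.provision("ENG-0042", {"doors": ["oscillator-engineer"]})
    ac.provision("GEN-0001", {"doors": ["general"], "targeting": ["general"]})
    ac.deprovision("FN-2187")  # defected; the credential dies the same moment
    return ac


# Constructed badge log: (timestamp, zone, badge_id, persons_counted)
BADGE_LOG = [
    (1000, "hangar", "FN-2199", 1),
    (1005, "main-oscillator", "FN-2187", 3),  # revoked badge, three people through
    (1010, "main-oscillator", "FN-2199", 1),  # trooper role has no oscillator access
    (1020, "main-oscillator", "ENG-0042", 1),  # legitimate
]

if __name__ == "__main__":
    for finding in audit(build_demo(), BADGE_LOG):
        print(finding)
```

The audit deliberately keeps the deprovisioned account on file rather than deleting it: a swipe by a revoked badge is the finding you most want to see, and you cannot raise it if the record is gone.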
On-Premise vs. Cloud
Despite future technology, such as droids with sentient programming and interstellar vehicles with hyperdrive capabilities, the idea of storing data in the cloud instead of on premises seems completely foreign to the Empire / First Order. Nearly all of the security breaches in the history of the Rebellion center around on-premises data storage facilities being infiltrated.
It’s understandable why an organization like the First Order would want total control over where its data is stored in a very concrete way. The cloud seems as intangible as the force compared to having your own servers on site where you can see and touch them, on your own base / planet.
However, it has been proven in our universe and in a galaxy far, far away that on-premises does not equal secure. Plus, that fancy shield technology we saw in “Rogue One” could be applied elsewhere.
Any successful cloud implementation would have security controls in place. These wouldn’t be limited to clearance (which we already know is tricky) but would include encryption of data at rest and in transit, network controls such as firewalls, and the logging and audit trails that compliance regimes demand.
Although this isn’t specifically shown with the First Order, the rebels know the location of the base (which later leads to the First Order finding their base on D'Qar in the Ileenium system), and that tells us something. Information seems to be stolen quickly; too quickly to assume it’s all via hard copy within a trusty droid. That brings me to my next point:
Data Transfers, Encryption and Intrusion Detection
It seems that the Rebellion and the First Order have near real-time updates on each other’s movements and plans. Given the Empire / First Order’s preference for hard drives and archive planets, I’m going to make the unverified assumption that they probably haven’t secured any of their data in the cloud.
Quantum entanglement is sometimes pitched as the unhackable answer to intercepted transfers. It isn’t that simple: entanglement on its own carries no information, so it cannot replace the data channel, and quantum key distribution only lets two parties notice an eavesdropper on the key exchange; real deployments have still been attacked through their hardware. The practical fix for interception is conventional: encrypt the data, and authenticate it so it cannot be altered or forged in transit.
In-universe, faster-than-light communication is clearly available, since a number of bases across the galaxy and a massive fleet of ships coordinate in near real time, and the films don’t say how it works.
Whatever carries those signals, down to the hand-held communicator, the protection has to come from the encryption and authentication layered on top of the link, not from the link itself; but I digress.
In addition to implementing encryption, finding and closing vulnerabilities has proven critical. Vulnerabilities need to be identified and closed in the various applications the First Order probably runs for tasks like targeting rebel bases and managing the flight deck, as well as in the underlying platform those systems rely on.
End-to-end encryption is recommended here, with authentication built in so that a message cannot be altered or forged on the way from one endpoint to the other.
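To make concrete what “unbreakable and un-spoofable” actually needs, here is an added example (not from the films or any product; standard library only) of authenticated end-to-end encryption for a fleet order. The cipher is a counter-mode keystream built from HMAC-SHA256, with a separate HMAC key for an encrypt-then-MAC tag; the key labels, the `to:fleet` header and the order text are assumptions made for the demo. Real systems should use a vetted AEAD such as AES-GCM or ChaCha20-Poly1305; the point here is that without the tag an interceptor can rewrite “HOLD” to “OPEN” with no key at all.

```python
"""Authenticated end-to-end encryption for a fleet order, standard library only.

Added illustration, not code from the films or any product. It builds a
counter-mode stream cipher from HMAC-SHA256 and adds an encrypt-then-MAC tag
under a separate key. The point it makes: encryption alone gives secrecy but
not spoof resistance (a stream cipher is malleable); the tag is what makes a
message un-forgeable. For real systems use a vetted AEAD (AES-GCM,
ChaCha20-Poly1305) rather than this construction."""
import hashlib
import hmac
import secrets

NONCE_LEN = 16
TAG_LEN = 32


def derive_keys(shared_secret):
    """Separate encryption and MAC keys from one shared secret (HMAC with
    distinct labels, in the style of HKDF-Expand). Labels are assumed names."""
    enc_key = hmac.new(shared_secret, b"first-order/enc", hashlib.sha256).digest()
    mac_key = hmac.new(shared_secret, b"first-order/mac", hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream(enc_key, nonce, length):
    # HMAC(enc_key, nonce || counter) blocks, concatenated and truncated.
    blocks, counter = bytearray(), 0
    while len(blocks) < length:
        blocks += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(blocks[:length])


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(shared_secret, plaintext, associated_data=b""):
    """Return nonce || ciphertext || tag. associated_data (e.g. a routing
    header) is authenticated but not encrypted."""
    enc_key, mac_key = derive_keys(shared_secret)
    nonce = secrets.token_bytes(NONCE_LEN)  # fresh per message; reuse leaks plaintext XOR
    ct = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, associated_data + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(shared_secret, message, associated_data=b""):
    """Verify first (constant-time compare), decrypt only if the tag checks out."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("truncated message")
    enc_key, mac_key = derive_keys(shared_secret)
    nonce, ct, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, associated_data + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: message tampered with or spoofed")
    return _xor(ct, _keystream(enc_key, nonce, len(ct)))


def decrypt_ignoring_tag(shared_secret, message):
    """What a receiver that skips authentication effectively does."""
    enc_key, _ = derive_keys(shared_secret)
    nonce, ct = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN]
    return _xor(ct, _keystream(enc_key, nonce, len(ct)))


def bit_flip_attack(message, known_prefix, wanted_prefix):
    """An interceptor who knows (or guesses) the plaintext prefix rewrites it
    to another of the same length without any key: XORing the ciphertext with
    known ^ wanted flips exactly those plaintext bits."""
    if len(known_prefix) != len(wanted_prefix):
        raise ValueError("replacement must be the same length")
    forged = bytearray(message)
    for i, (k, w) in enumerate(zip(known_prefix, wanted_prefix)):
        forged[NONCE_LEN + i] ^= k ^ w
    return bytes(forged)


if __name__ == "__main__":
    key = secrets.token_bytes(32)            # the pre-shared secret (assumed)
    order = seal(key, b"HOLD FIRE on D'Qar", b"to:fleet")
    forged = bit_flip_attack(order, b"HOLD", b"OPEN")
    print(decrypt_ignoring_tag(key, forged))  # b"OPEN FIRE on D'Qar"
    try:
        open_sealed(key, forged, b"to:fleet")
    except ValueError as e:
        print("rejected:", e)
```

The tag covers the routing header as well as the nonce and ciphertext, so a message sealed for the fleet cannot be replayed to a base under a different header, and the verify-before-decrypt order means a forged message never reaches the decryption code at all.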
Even the most secure cloud needs intrusion detection. This means host- and network-level monitoring alongside anti-malware and web application firewalls, so the security team is alerted to threats, can contain them, and has a barrier between rebel hackers and First Order systems.
With the fate of the galaxy at stake, every cloud deployment should include this at every layer of the infrastructure. Placed in front of the load balancers and the application tier, it guards against common tactics like SQL injection, which I’m going to assume, for the point of this post, exists in this universe.
Machine learning and AI for security
Artificial intelligence is a major part of the “Star Wars” universe. It’s what brings C-3PO, R2-D2 and BB-8 to life. However, it seems to be limited to droid technology. I mean, machine learning is in its infancy here on Earth and already we can do amazing things with image, pattern, and/or facial recognition. AI and machine learning could have a major impact on security if implemented properly.
For example, cameras could be built with AI functionality that scans for anomalous patterns that then trigger alarms or defensive systems. The First Order could easily create a rebel database for facial recognition and the imperial forces could use every droid’s optical sensors as part of a subroutine to scan for them.
We can assume that the First Order, much like the Empire before them, “employed” the top scientific minds in their quest for power. We can only hope (well, I mean, if you feel the pull of the darkside, that is) that in the future, their organization includes the top security analysts and advisers as well.
Special thanks to Kris Vanderwater and Jay Ferrin for their assistance with this post.