On Sun, 24 Mar 2002 [EMAIL PROTECTED] wrote:

> or just security proportional to risk ... random refs:
There's a shortcoming with that view. In order to apply realistic metrics to what that risk is (eg 1 in 100 years) one must have systems being broken in order to vet it. It's one thing to state an axiom as you have done. It's a whole other one to apply it within a time schedule, budget, and general social setting.

The three primary questions that occur when trying to give these real numbers become:

- How long between service checks
- How long between system upgrade/replacement
- How have other systems stood up to intentional attacks

The first is important to vet the continued operation of an existing system. The second is important in respect to opportunity to subvert and the diffusion of 'classified' info out of controlled environments (eg robber's girlfriend is student...who applied for an internship...who copies the random page hither and yon...). And finally this gives one a real grasp of cost and 'friction' (to borrow a military term).

A special note for three, this implies that at least some of the mechanisms of the same 'class' are(!) being broken. If not then one really has no way to make a metric. The only engineering answer is "I don't know"; I make the distinction between political and organizational needs and engineering ones.

The vast majority of security mechanisms fail on several of these regularly. It's not intentional but unless you're running something with the discipline of a military base or prison you're going to have problems. I don't believe there are enough deliberate public attacks to make the third boundary condition relevant in most security situations. But on the flip side, most security situations are really overly sensitive to their probability. [1]

[1] Which is probably a good thing for the industry :)

--
____________________________________________________________________
There is less in this than meets the eye.
Tallulah Bankhead

[EMAIL PROTECTED] www.ssz.com
[EMAIL PROTECTED] www.open-forge.org
--------------------------------------------------------------------

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]