Let me amplify what Matt Bishop has said.
I tend to deal with TRUSTWORTHINESS, which encompasses
security, reliability, survivability, human safety, and anything
else that you have to trust whether you like it or not.
Security is only one aspect of it.  Long ago Butler Lampson
wrote a paper pointing out that if it is not secure, it won't
be reliable, and if it is not reliable, it is may not be secure.
That was applied to access controls in hardware, but it is equally
applied to SYSTEMS.  Also, all of those trustworthiness properties
tend to be emergent properties of the entire system/enterprise/whatever.
Beware of folks who tell you their crypto algorithm (for example) is
100% secure, and ignore that fact that if it badly implemented or the
keys are stored in an unsecure operating system, then all bets are off
and 100% secure becomes 0% secure.

end of soapbox, which some of you have heard from me before.

Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.

Reply via email to