On Thu, Nov 11, 2004 at 04:56:20PM -0500, ljknews wrote:
At 2:48 PM -0500 11/11/04, Paco Hope wrote:
On 11/11/04 11:46 AM, ljknews [EMAIL PROTECTED] wrote:
As a software developer, I care about such issues, but the compiliations
you list are largely not applicable to the operating system
Concur that security is more colorless than most of the other ilities. My point
is that the other domains which serve up the non-functional requirements are
colorless to some degree as well. So in terms of how the other ility domains
approach the quantification and elaboration of the goals that
I think we have to go one step further.
Its nice to know what the attack patterns are. A better thing to do is to know how to identify them
during threat modeling, and then apply safeguards to mitigate the risk. ie: We need a merge of
thoughts from Exploiting Software and Building Secure
