3. Old Principles, New World
In Chapter 1, we offered our working definition of security: when the system state remains correct, despite potential actions of some class of adversaries. It's clear from looking at history, headlines, or even the latest posts to the BugTraq mailing list that we, as a community, are not managing to develop and deploy secure systems. The causes for this problem are grist for lively debate and good classroom exercises. Is it because we don't know how to build secure systems? Is it because we can build them but somehow cannot deploy them in the real world? Is it because we don't quite know what the correct state is? In Chapter 2, we looked at some of the early thinking that tried to address these problems. In this chapter, ...
Get The Craft of System Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.