O'Reilly logo

The Craft of System Security by Sean Smith, John Marchesini

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

11. Standards, Compliance, and Testing

Let's assume that you've used the tools and techniques mentioned throughout this book so far to try to build a secure system or that someone has handed you an allegedly secure system. How do you know that the system is safe? How safe is it really? What we'd really like to know is: How likely is it that the system will get into an unsafe state either by accident or by malice? Whether one is a vendor, an implementer, an administrator, or a customer, these questions are critically important.

It would be ideal if we could map the entire state space of our system and then look for system paths that lead to unsafe states; we could then simply avoid such paths. The complexity of modern software makes such a task ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required