Best Practices and Worst Assumptions

Author:
Matt Bishop
File Size:
602.81 kB
Date:
01 July 2005
Downloads:
1061 x

The development of best practices and checklists to improve system security has popularized techniques and technologies for strengthening systems. These techniques provide a basis for teaching the importance of assumptions in computer and information security, and the necessity of questioning them. We present an example of analyzing a set of security guidelines to determine the underlying assumptions, and give examples of how to demonstrate the importance of the assumptions to the effectiveness of the guidelines.

Best Practices and Worst Assumptions