PKC

[Ken Brown]

Owen Lewis wrote:

> > It isn't like building a bridge, where there might be no point in
> > spending vast amounts of money on building  one section from over-speced
> > or stronger materials than another.   Of course it is always possible
> > that people with an accounting or military or engineering background
> > might not have realised that the good stuff costs the same as the
> > low-quality stuff. But surely doctors will be familiar with the idea
> > that cheap treatments may be more useful than expensive.
> 
> What you are discussing is, exactly, engineering. You say that the medical
> profession is familiar with the idea that cheap tratments may be more useful
> that expensive? Good. Then it should follow easily for the same people that
> the an engineering analogy would be that a rope bridge may be more useful
> than a downsized Golden Gate structure or, in security engineering, one
> should aim for the cheapest that will comfortably exceed the criteria set by
> the user organisation.
> You will then come easily to the step that if, in security engineering as in
> civil engineering, if the user requires perfect security he is going to pay
> a helluva price.

Security is NOT engineering. Treating it as if it is is a high road to
ruin. It is about human behaviour - at best a management problem not an
engineering one. It is what the people do that counts, how they behave,
what they want, how much they are willing to do to get it.