Information Security 101 - the Rules of Thumb
Brian Gladman
brg at gladman.plus.com
Wed Jun 24 16:13:17 BST 2009
----- Original Message -----
From: "Peter Fairbrother" <zenadsl6186 at zen.co.uk>
To: "UK Cryptography Policy Discussion Group"
<ukcrypto at chiark.greenend.org.uk>
Sent: Wednesday, June 24, 2009 3:12 PM
Subject: Re: Information Security 101 - the Rules of Thumb
> Brian Gladman wrote:
> [...]:
>>>
>>> In these rules an "enemy" is someone who wants to steal some secret
>>> information an honest system designer doesn't want him to steal, or to
>>> prevent authorised access to it, or to mislead a friend about its
>>> authenticity.
>>
>> This does not cover things like denial of service attacks.
>
> I put "prevent authorised access" in to cover DoS, but maybe it's not
> clear enough.
My problem was that all the detail you provided in the last half of sentence
seemed to refer only to the 'secret' mentioned in the first part of the
sentence.
For example 'its authenticity' clearly refers to the secret so I was driven
to believe all these descriptive phrases referred to it and not the system
as a whole.
And this lead me to worry about the security of systems that don't contain
secrets.
[snip]
Brian
__________ Information from ESET NOD32 Antivirus, version of virus signature database 4184 (20090624) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
More information about the ukcrypto
mailing list