On the Brittleness of Software and the Infeasibility of Security Metrics

Authors: S.M. Bellovin

Complete Citation

On the Brittleness of Software and the Infeasibility of Security Metrics, Bellovin, S.M.; Security & Privacy Magazine, IEEE, Volume 4, Issue 4, July-Aug. 2006, Page(s): 96 - 96

Abstract

How secure is a computer system? Bridges have a load limit, but it isn't determined (as "Calvin and Hobbes" would have it) by building an identical bridge and running trucks over it until it collapses. In a more relevant vein, safes are rated for how long they'll resist attack under given circumstances. Can we do the same for software?

Annotations

"Until we can measure security, we can't improve it."

-- AndrewBlaich - 19 Dec 2007

Topic revision: r1 - 19 Dec 2007 - 17:13:38 - AndrewBlaich
 