Category Archives: Technical
It’s About Availability and Integrity (not so much Confidentiality)
July 23, 2012 – 6:00 am
I have frequently contended that the more important aspects of security are availability and integrity, not confidentiality (the old C-I-A triad should be A-I-C in order of importance). That is not to say that confidentiality and privacy aren’t extremely important—they certainly are. But in…
Safe and Secure Software Systems Engineering (S4E)
March 28, 2011 – 6:00 am
As you read this, you probably will be saying to yourself, “Why would anyone waste so much time worrying about semantics?” Good question. I began thinking the same way after struggling with definitions in this space for some time. In the end, I concluded that it might be worthwhile after all.…
Old Mother Hubbard and “Building Data Collection In”
November 22, 2010 – 6:00 am
Recently I listened to the webcast of a conference on the security-related data needs of researchers and how, if companies would only share the data, which they supposedly have, the academics would be in research heaven. As I listened, I couldn’t help thinking of the English nursery rhyme…
Software Begat Hardware Begat Software Begat …
November 8, 2010 – 6:00 am
I happened to be browsing through some magazines at a newsstand when I came across the August 2010 issue of Scientific American and noticed that they were featuring an article by John Villasenor about “The Hacker in Your Hardware.” I found the description of what the author believes to be the…
The Infosec Game Has Changed – 154 Dead!
September 20, 2010 – 6:00 am
It may not be the first instance, but it is probably the incident that will change the game on software security assurance going forward. An August 20, 2010 msnbc.com article, “Malware implicated in fatal Spanair plane crash: Computer monitoring system was infected with Trojan horse, authorities…
