C. Warren Axelrod

Application Security and Quantum Mechanics

It’s funny how analogies pop up in the strangest of places. There is an “Annals of Science” article by Rivka Galchen in The New Yorker of May 2, 2011 about physicist David Deutsch with the title “Dream Machine: The mind-expanding world of quantum computing.” It describes the weird concepts of quantum mechanics. I actually took a course in quantum mechanics when I was an undergraduate electrical engineer, and I must admit that I was totally confused.

The Galchen article describes that “Deutsch questioned whether computational complexity was a fundamental or a relative property.” The analogy is described in terms of mass and weight, as follows:

“Mass … is a fundamental property because it remains the same in any setting; weight is a relative property, because an object’s weight depends on the strength of gravity acting on it. Identical baseballs on earth and on the moon have equivalent masses, but different weights.”

The author goes on to say:

“Just as an object’s weight depends on the force of gravity in which it’s measured, the degree of computational complexity depended upon the computer on which it was measured.”

While I am not pretending that my position on context as a major factor in application security is anywhere near as sophisticated as the mass-gravity-complexity arguments in the article, I must say that there is some measure of support for  my views, and the views of some others, in the discussion.

An application has some intrinsic level of security based upon such factors as the stringency of the SDL (Security Development Lifecycle), the enforcement of SDL rules, the language in which an application is written, the platform on which it runs, and the like. These might be considered the fundamental properties of applications.

Post a Comment

Your email is never published nor shared. Required fields are marked *