Schneier on Assurance

One of the blogs I try to keep up with is Bruce Schneier’s “Schneier on Security.”  This week I ran across a couple of links there I thought I would re-post.

The first is a great article by Brian Snow of NSA on the idea of assurance and system security.  Two great points I took away from that paper are:

  1. Too many products are designed and implemented assuming that they need to guard against random failure rather than failure based on targeted malice.  It isn’t enough just to make sure that you are safe from failures due to network outages and so forth.  Systems have to be built to withstand attackers deliberately trying to cause harm.
  2. System designers and implementers often fail to properly characterize the threat against their systems.  Guarding against a generalized threat, where you just have to be more secure than the next guy (assuming attackers will move on to easier prey), is different from guarding against threats where you have to withstand attackers with a specific target in mind.

Both of these are crucial if you are looking to build systems that will withstand the environment in which they are deployed.

Also, Bruce Schneier reminded me of this resource: The Department of Homeland Security “Build Security In” website.  Lots of good stuff there, including articles from Dr. Gary McGraw about Architectural Risk Analysis.  Check it out.

dan _at_

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry-leading application vulnerability management platform.