Sciweavers

COMPUTER
2004

Computer Security in the Real World

13 years 11 months ago
Computer Security in the Real World
After thirty years of work on computer security, why are almost all the systems in service today extremely vulnerable to attack? The main reason is that security is expensive to set up and a nuisance to run, so people judge from experience how little of it they can get away with. Since there's been little damage, people decide that they don't need much security. In addition, setting it up is so complicated that it's hardly ever done right. While we await a catastrophe, simpler setup is the most important step toward better security. In a distributed system with no central management like the Internet, security requires a clear story about who is trusted for each step in establishing it, and why. The basic tool for telling this story is the "speaks for" relation between principals that describes how authority is delegated, that is, who trusts whom. The idea is simple, and it explains what's going on in any system I know. The many different ways of encoding...
Butler W. Lampson
Added 17 Dec 2010
Updated 17 Dec 2010
Type Journal
Year 2004
Where COMPUTER
Authors Butler W. Lampson
Comments (0)