My Information Security Concepts Primer
By Daniel Miessler on January 5th, 2006: Tagged as Information Security | Infosec | Philosophy | Security
For anyone who hasn’t seen it, this is one of my better pieces of work (although that’s not saying a whole lot :)).
http://dmiessler.com/study/infosecconcepts
The piece covers some of the basic information security concepts and includes some of my thoughts on the discipline at the end. I think it may be useful for people who are getting into the field and/or those who are lacking in the “concepts” area.
Enjoy.
--
Very readable and informative.
However when you say:
“within the next decade or so we’ll see the introduction of new system architecture models — models that are highly restrictive and run using a “default closed” paradigm…”, after saying we are using shoddy materials…thats a long time to bail out a leaking boat.
If a technology prevents any vulnerability from being exploited, then risk is zero. What if a technology could do that now, for existing O/Ss, instead of waiting a decade or so and re-designing everything from the ground up? What would its value be?
Comment by Rob — 1/5/2006 @ 7:03 pm