[trustable-software] Security as an emergent property..
Duncan Hart
dah at seriousaboutsecurity.com
Thu Jul 21 08:42:07 UTC 2016
Hi,
I've just joined this list, great to be here, I hope I can listen, learn
and contribute too...
I view the attribute of security (or trustworthiness) as an emergent
property of a system. In that view each component in the system adds
security enhancing, or security risk reducing, functionality. It's the
whole that is secure or trustworthy, rather than individual parts.
With that in mind an end-to-end perspective is needed to assert whether
something is secure enough (N.B. context is everything and there are many
variables in that context :). I'd recommend the SABSA approach, and in
particular the Business Attributes, as a way of achieving a traceable
security architecture.
Just my 2p worth.
Warmest regards, all the best,
Duncan
--
Duncan Hart
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.veristac.io/pipermail/trustable-software/attachments/20160721/09ffd404/attachment.html>
More information about the trustable-software
mailing list