The Case For Assurance In Security Products

No ratings

Presented at 12th USENIX Security Symposium 2003 by

Brian Snow

Security products need to work as intended, especially in the presence of malice. This requires considerable effort during all phases of the life cycle, from design, through evaluation and field use, to the eventual retirement of the product. The mechanisms that assure the customer of robust performance differ from one part of the life cycle to the next. They include technical enhancements, human processes, and legal constraints, among others. The talk offers views from three perspectives: research, security service and product provisioning, and education and training.