Information Technology Reference
In-Depth Information
Chapter 16
Security
The ultimate security is your understanding of reality.
—H. Stanley Judd
Application designers and managers have traditionally paid more attention
to functionality and performance of the application rather than to security.
There is a need for designers and developers to increase their awareness
and knowledge of security-related issues. The fact is that security is a vast
and complex domain, and one can get lost in details of algorithms and
technologies. Therefore, this chapter examines some aspects of security
that require greater priority.
A good security system must address four aspects of security:
1.
The
aspects of security: its strategic value, the concept of
risk, security costs, and its trade-offs.
business
2.
The
aspects of security: its design, verification, and
limitations. This, in itself, is a large and specialized subject and we
shall touch on a few areas only.
technical
3.
The
human
factors: critical to the success of security systems.
4.
The
aspects: those aspects that help bridge
the technical and human aspects, giving organizations some assur-
ance that, if processes are followed, a certain state of security can
be achieved.
process or procedural
283
