Information Technology Reference
In-Depth Information
those laws. …But what will happen to the simulated
realities set in virtual motion by simulators with only a
partial knowledge of the laws of nature needed to sus-
tain them over long periods of time. Eventually, these
realities would cease to compute. They would fall victim
of the incompetence of their creators. Errors would
accumulate. Prediction would break down. Their world
would become irrational. They would be heading for
the virtual analogue of death in a biological organism
when errors accumulate to a lethal level. The only
escape for them is if the creators intervene to patch up
the problems one by one as they arise. …fill gaps in its
logic that its creators had not noticed.
This is the logic behind patch management. It will not
be possible to get everything right before releasing
something. As long as the issue of partial knowledge is
recognized, it can be addressed through processes such
as patch management and upgrades, as the software
industry does.
Multiple Levels of Security
Many enterprises depend predominantly on network-based security to
prevent intruders from entering the system. Unless there are second and
third levels of defense, a security breach would allow a free run down
the plains. One of these levels of defense should include protection or
recovery from outer breaches. As in the case of the Hurricane Katrina
disaster, the defense depended primarily on the levees — not breaching.
The systems and processes to handle a situation if a breach happened
turned out to be inadequate.
Learning from the Human Security System
The human body is provided with a unique security system, which is alert
and active around the clock. An in-depth study of this system — its ability
to detect an intruder, take steps to neutralize it, and at the same time,
sound an alert in the body — has no parallel. We now try to examine
some basics to learn how it can affect and improve the software security
system.
