[
Lists Home |
Date Index |
Thread Index
]
From: Chris Wilper [mailto:cwilper@cs.cornell.edu]
>> Can an innovative environment produce a trusted computing system?
>If the constraints are accepted beforehand, sure.
>Great innovation happens under (and often in response to)
>the most constrained conditions.
One might read a constraint as the existence of trusted
code upon which innovative systems are built. So the
security constraints can be built in. Usability doesn't
kill creativity, but opinions differ on what is usable.
>Related: http://www.useit.com/alertbox/20030908.html
>(third heading down, "[Misconception:] Usability Kills Creativity")
> Can we 'do the simplest thing that will possibly work'
> and still produce a secure system.
>Unlike usability, considering *trust* issues as you set out to design
>will usually preclude the simplest thing from being done.
Ok. Not being a security expert, I can agree with that, but again,
if the code base is secured, then innovation can proceed simply by
using that code base.
>Where we often get into trouble is throwing such all-encompassing
>constraints onto an already-built system. No matter how low your
>"iteration cost", if you've inadvertantly carved security out of
>the final product, you're not going to pump out a secure version
>next week. Too much would have been ignored by that point.
Right. Innovation at that point would be in producing an innovative
solution to securing an inherently insecure system. Not a simple job.
len
|
