C|EH v7 - Just another Thread

instant000 · November 2011

Gripe #1 - Security Triangle: Functionality, Ease of Use, Security

I guess it's three things, and I do get their point, as I even posted here recently how Donahue said something similar, except he used these three: cheap, usable, and secure

My complaint: This upchucks in the face of the security triad : CIA, that is, confidentiality, integrity, availability

Of course, I guess I'll be very likely to remember this, just because of my disagreement with their choice of words.

instant000 · November 2011

Gripe #2: Security Concepts Exploited:
confidentiality
authenticity
integrity
availability

depending on how you interpret, authenticity could be broken with a confidentiality break, so this is gripe #2 for me.

coty24 · November 2011

The new "CIA" is hilarious, "CUS".

JDMurray · November 2011

instant000 wrote: »

Gripe #1 - Security Triangle: Functionality, Ease of Use, Security

I prefer "Usability" over "Ease of Use." I realize these are user-centric terms and not for the system designers, who must think of Confidentiality, Integrity, and Accountability. To those three I would also add "Maintainability" and "Affordability" as system design goals indicating the importance of size and scope in choosing any security solution.

Hmmm...with a little more thought, we could possibly come up with enough high-level design goals to form the acronym "CIAOMAMA."

C|EH v7 - Just another Thread

Comments