Re: More on garbage

sci.crypt archive

From: Anne & Lynn Wheeler <lynn@garlic.com>
Date: Mon Jun 13 2005 - 19:03:23 CEST

"Jon A. Solworth" <solworth@cs.uic.edu> writes:
> Availability is a liveness issue, the other two are safety issues.
> A system which does *nothing* is *always* safe, and hence by definition
> the safety issues (confidentiality and integrity) are satisfied.
>
> A system which does absolutely nothing cannot be secure. A system must
> have some function, and security is there as one of the ways of
> protecting that function from adversaries.

sporadically over the last 30 plus years ... i frequently ran into the
comment that the purpose of security is to make systems unusable (if
you can't accomplish anything, then hopefully neither can the
attackers) ... and frequently security and human factors can be
diametrically opposed.

a simple scenario is 3-factor authentication

* something you have
* something you know
* something you are

where "something you know" is a shared-secret and the security rules
require that a unique shared-secret is required for every different,
unique security domain .... leading to current situation involving
requirement that people memorize scores of unique shared-secrets that
are never written/recorded.

somewhat the opposite is using trivial personal information (and
supposedly easily remembered) for "something you know" authentication
shared-secret ... with a large number of different security domains
selecting secrets from a small common pool of personal information
(ss#, birth date, mother's maiden name, etc).

-- 
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Received on Thu Sep 29 21:43:36 2005