DocumentCode :
833070
Title :
Four ways to improve security
Author :
Snow, Brian
Author_Institution :
US Nat. Security Agency, USA
Volume :
3
Issue :
3
fYear :
2005
Firstpage :
65
Lastpage :
67
Abstract :
How can you tell if an IT security product (or a product that includes security components) can secure your application? How can you be certain that a product will fully deliver on its claims that it will protect against malice in a deployed environment? Unfortunately, few vendors - and even fewer customers - can make these judgments. The article won´t make you a security wizard, but it will give you a feel for what to look for in, and when to be concerned about, a vendor´s claims. To ensure that a product has a chance of being secure; customers should check that vendors use adequate approaches in four primary areas. In order of importance (and maturity and availability), they are: quality-control (QC) mechanisms; cryptographic primitives; hardware assist mechanisms; and separation mechanisms.
Keywords :
quality control; security of data; IT security product; cryptographic primitives; hardware assist mechanisms; quality-control mechanisms; separation mechanisms; ANSI standards; Computer security; Cryptographic protocols; Digital signatures; Elliptic curve cryptography; Hardware; Information security; Privacy; Process design; Robustness; cryptographic primitives; hardware assist; separation mechanisms; software quality-control;
fLanguage :
English
Journal_Title :
Security & Privacy, IEEE
Publisher :
ieee
ISSN :
1540-7993
Type :
jour
DOI :
10.1109/MSP.2005.66
Filename :
1439505
Link To Document :
بازگشت