Title :
How to think about security
Author :
Whittaker, James A. ; Ford, Richard
Author_Institution :
Florida Inst. of Technol., Melbourne, FL
Abstract :
Learning how to think about security means adopting a different mindset than we\´ve had in the past. As a community, software developers have been thinking too much like "good guys" and thus ended up developing insecure software because they failed to predict attack scenarios. The only way to effectively develop good security in software is to learn to think like the "bad guys." Thinking like the adversary helps us to better identify and mitigate threats
Keywords :
security of data; software engineering; systems analysis; attack scenario prediction; security checklist; software security; systems analysis; threat identification; threat mitigation; threat modeling; Chaos; Computer languages; Computer security; Delay; Education; Pins; Privacy; Protection; Software design; Writing; security; security checklists; systems analysis; threat modeling;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2006.39
