• DocumentCode
    833070
  • Title

    Four ways to improve security

  • Author

    Snow, Brian

  • Author_Institution
    US Nat. Security Agency, USA
  • Volume
    3
  • Issue
    3
  • fYear
    2005
  • Firstpage
    65
  • Lastpage
    67
  • Abstract
    How can you tell if an IT security product (or a product that includes security components) can secure your application? How can you be certain that a product will fully deliver on its claims that it will protect against malice in a deployed environment? Unfortunately, few vendors - and even fewer customers - can make these judgments. The article won´t make you a security wizard, but it will give you a feel for what to look for in, and when to be concerned about, a vendor´s claims. To ensure that a product has a chance of being secure; customers should check that vendors use adequate approaches in four primary areas. In order of importance (and maturity and availability), they are: quality-control (QC) mechanisms; cryptographic primitives; hardware assist mechanisms; and separation mechanisms.
  • Keywords
    quality control; security of data; IT security product; cryptographic primitives; hardware assist mechanisms; quality-control mechanisms; separation mechanisms; ANSI standards; Computer security; Cryptographic protocols; Digital signatures; Elliptic curve cryptography; Hardware; Information security; Privacy; Process design; Robustness; cryptographic primitives; hardware assist; separation mechanisms; software quality-control;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2005.66
  • Filename
    1439505
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=833070