Law 8: If You Watch the Internet, the Internet Is Watching You

Most connections are bidirectional. The consequence is that information flows both ways. Controlling what is exchanged, and monitoring who is using the connection, is the role of network security. Fortunately, network security is a rather mature science.


Ten Laws for Security

Eric Diehl

Eric Diehl, Sony Pictures Entertainment, Culver City, CA, USA

ISBN 978-3-319-42639-6
ISBN 978-3-319-42641-9 (eBook)
DOI 10.1007/978-3-319-42641-9

Library of Congress Control Number: 2016950417

© Springer International Publishing Switzerland 2016

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made.

Printed on acid-free paper

This Springer imprint is published by Springer Nature. The registered company is Springer International Publishing AG. The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland

Foreword

Twenty-six years ago, after a series of exhausting interviews, Eric Diehl agreed to hire me as a member of his team in Thomson Consumer Electronics. At the time, I could not imagine the huge impact that the encounter with Eric would have on my future career. Under his mantle, I learned what information security is about. Eric taught me the fundamentals of Pay TV scrambling, hacking, smart card protocols, and hardware security. He encouraged out-of-the-box thinking and constantly strove for perfection, clarity, and precision.

My work with Eric taught me to think about security from a variety of angles. Security can be approached according to the attack’s timeline: Predictive security detects a coming attack (future), defensive security measures attempt to stop an ongoing attack, while reactive security comes after the attack and attempts to restore security. Security can also be seen from a threat-source perspective: accounting for the different motivations and means of hackers, agencies, academics, and criminals. The traditional way to approach security consists in addressing security by function: confidentiality, availability, integrity, etc. Eric’s holistic approach consists in comprehensively approaching security by answering systemic clarifying questions such as: Where do we compute (device security)? With whom do we compute (network security)? What computes (system secur