Monday, May 7, 2012

Security & Trust

I love it when InfoSec Island gets all philosophical about security.

Today's example is the excellent Understanding Trust by Kevin W. Wall.
At its core, information security is largely about the two goals of “ensuring trust” and “managing risk”. We may deal with managing risk some other time, but today I want to focus on ensuring trust.

In order to ensure trust, we first must understand not only what it is, but what its properties are...
Read the whole thing.

For an earlier example, see: Human Security is Weaker than IT Security*

While InfoSec Island (obviously) concerns itself with Information Security ("logical access control" for ID management types), much of its analysis can be applied to the world of physical security as well.



*Human Security is Weaker than IT Security inspired this post: The Con is Mightier than the Hack