|
The View from Visionaries
5 Peter G. Neumann
Principal scientist, computer science lab, SRI International
Big security problems [ahead]: First, pervasively imbuing system developments with good software engineering practices and trustworthy system architectures (encompassing security, reliability, human safety, survivability in the face of many realistic adversities, networking, interoperability, evolvability, operationally aware, and so on).
Second, having small, proven operating system and application components that can be predictably composed into bare-minimum subsystems and used to develop trustworthy systems tailored to specific needs. Examples: trustworthy special-purpose servers such as file servers and network servers that might otherwise be looked at as stark subsets of general-purpose systems.
Third, securely and predictably embedding good cryptography into trustworthy systems, and fourth, pervasive education on how to build trustworthy systems.
6 Bruce Schneier
CTO, BT Counterpane and author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World
Computer security is poised for a major transformation: from a consumer product to an industry product. As computers and networks become infrastructure, users--both individual and org...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
anizational--will care less about how security works and more that it simply does work. Security will cease to be a separate product, and instead will be embedded into everything. This isn't to say that security will lose its importance--far from it--only that the security marketplace will more resemble other industry marketplaces:
new automobile technologies, for example.
7 Mark Loveless
Vernier Networks, senior security architect and white-hat hacker known as "Simple Nomad"
While the main short-term security threat still appears to be compromised home systems as a part of a botnet sending spam, spreading malware, and DDoS, these issues will begin to surface more and more in a corporate environment. This can be symbolized in the case [earlier this year] of Viagra spam being sent from zombified desktop computers in the Pfizer corporate network (ironically the makers of Viagra) to systems on the Internet. With the dynamic nature of networks, systems that are not protected by sophisticated networks that regulate access will find themselves targeted more frequently as potential unwilling botnet participants. I would expect with the recent trend of sales of zero-day security flaws in modern software to criminal elements that the overall zombification process will make greater gains in corporate networks than ever before.
|
 |
|
