Tag: secure design

The SSL/TLS protocol suite is critical for Internet security. Unfortunately, it’s one of those things that’s nice in theory but messy in practice. Good news — a very promising project is bringing help! We commonly say that we use SSL to secure Internet activity. However, that statement taken literally is very out of date! We […]

Last month I wrote about some current cybersecurity concerns about satellite ground stations. That may seem rather exotic to many readers, but all of us rely on reasonably accurate weather predictions. Satellite cybersecurity problems would hurt all of us, but we can draw useful lessons from this episode. The U.S. Commerce Department’s Inspector General is […]

In Learning Tree’s Cloud Security Essentials course we talk some about how security is difficult. Yes, there are issues of secure software implementation (the Heartbleed bug, for example) and cautious configuration, but the first step is designing a system that has a chance of being secure. As Ross Anderson explains in his textbook “Security Engineering” […]

As we discuss in Learning Tree’s Cloud Security Essentials course, it is enormously difficult to design and implement secure systems. Help is available! SAFECode or the Software Assurance Forum for Excellence in Code has the mission statement “”SAFECode is dedicated to increasing trust in information and communications technology products and services through the advancement of […]

So begins a quote we use in our Introduction to System and Network Security course.  Too often we view security as an afterthought – something to add to our network or organization. We talk about hardening systems to mean making them more secure. This is totally a backwards approach. We need to consider security and […]