Demythifying Cybersecurity

Edward B. Talbot; Deborah Frincke; Matt Bishop

doi:10.1109/MSP.2010.95

Security&Privacy
2010
Issue No. 3 - May/June
Abstract - Demythifying Cybersecurity

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Edward B. Talbot Articles by Deborah Frincke Articles by Matt Bishop

Demythifying Cybersecurity

May/June 2010 (vol. 8 no. 3)

pp. 56-59

	ASCII Text	x
	Edward B. Talbot, Deborah Frincke, Matt Bishop, "Demythifying Cybersecurity," IEEE Security & Privacy, vol. 8, no. 3, pp. 56-59, May/June, 2010.

	BibTex	x
	@article{ 10.1109/MSP.2010.95, author = {Edward B. Talbot and Deborah Frincke and Matt Bishop}, title = {Demythifying Cybersecurity}, journal ={IEEE Security & Privacy}, volume = {8}, number = {3}, issn = {1540-7993}, year = {2010}, pages = {56-59}, doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2010.95}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Security & Privacy TI - Demythifying Cybersecurity IS - 3 SN - 1540-7993 SP56 EP59 EPD - 56-59 A1 - Edward B. Talbot, A1 - Deborah Frincke, A1 - Matt Bishop, PY - 2010 KW - cybersecurity KW - security and privacy KW - layered defense KW - defense in depth KW - system complexity KW - three-factor authentication KW - trusted computing KW - computer security KW - computer science education VL - 8 JA - IEEE Security & Privacy ER -

Edward B. Talbot, Sandia National Laboratories, California

Deborah Frincke, the Pacific Northwest National Laboratory

Matt Bishop, University of California, Davis

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.95

This article looks at four cybersecurity myths that recur in both popular literature and technical work: "more layers of defense are always better than fewer," "running my executables on my data on my system is secure because I control my system," "effective security is burdensome," and "trusted computing eliminates the need to trust people."

1. J. Campbell, The Masks of God, Vol. 4: Creative Mythology, Penguin Books, 1991.
2. C. Catlett et. al., A Scientific Research and Development Approach to Cyber Security, report submitted to the US Dept. of Energy, Dec. 2008, p. 2; www.er.doe.gov/ascr/ProgramDocuments/Docs CyberSecurityScienceDec2008.pdf.
3. K. Thompson, "Reflections on Trusting Trust," Comm. ACM, vol. 27, no. 8, 1984, pp. 761–763.
4. M. Bishop and D.A. Frincke, "Who Owns Your Computer?" IEEE Security & Privacy, vol. 4, no. 2, 2006, pp. 61–63.
5. Sun Tsu, The Art of War, Delta Publishing, 1989.
6. R. Naraine, "90-Day Report Card: Windows Vista Fared Better than Competitors," ZDnet, 22 Mar. 2007; http://blogs.zdnet.com/security?p=135.
7. T. Wu, "A Real-World Analysis of Kerberos Password Security," Proc. 1999 Symp. Network and Distributed System Security, Internet Soc., 1999, pp. 13–22.

Index Terms:

cybersecurity, security and privacy, layered defense, defense in depth, system complexity, three-factor authentication, trusted computing, computer security, computer science education

Citation:

Edward B. Talbot, Deborah Frincke, Matt Bishop, "Demythifying Cybersecurity," IEEE Security & Privacy, vol. 8, no. 3, pp. 56-59, May-June 2010, doi:10.1109/MSP.2010.95

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.