Issue No.06 - November/December (2011 vol.9)
Steven M. Bellovin , Columbia University
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2011.172
The author discusses the problem of how a security specialist should think. In particular, such a person should know how to evaluate complex systems and look for vulnerabilities created by interactions. It's hard to do, and even harder to teach.
security education; secure system design
Steven M. Bellovin, "Security Think", IEEE Security & Privacy, vol.9, no. 6, pp. 88, November/December 2011, doi:10.1109/MSP.2011.172