Security Basics mailing list archives

RE: Security vs. Simplicity


From: "Craig S. Wright" <craig.wright () Information-Defense com>
Date: Fri, 22 May 2009 07:52:07 +1000

Secure and simple do link.

If a process is overly complicated - it will not be secure. People will
either bypass it or not follow it correctly. The Human factor of security is
commonly overlooked, but without this there is no security.

...
Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ...
Information Defense Pty Ltd



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Robin Wood
Sent: Wednesday, 20 May 2009 1:20 AM
To: avi shvartz
Cc: Securityfocus
Subject: Re: Security vs. Simplicity

2009/5/18 avi shvartz <yram () netvision net il>:
Hello list,



In a design process of a critical infrastructure system there is always a
tension between two tenets:

 The "simplicity tenet" - keep it simple as much as possible.

   And

 The "security tenet" - make it secure as much as possible.

I am perfectly aware of all risk evaluation and assessment, TCO
calculations etc., that are supposed to help us all to reach a decision
about "how much security" and "how much simplicity".

But, we all know that gathering all relevant information and getting
overall agreement about them and about the calculations of the risk\TCO
calculations is not "optimal" to say the least.

I am also aware of the statement: "simple design is also a secured
design".

But, we all know that in real life the security folks want to add "just
this extra layer (for security in depth)" and\or "just this vlan (for yet
another communication separation)" etc.

Don't get me wrong, I do understand that it's a valid concern,
I just say that it will not always be in line with the "simple" design
tenet.



Now, let's say that after all the technical discussions the two inflamed
opponents are in front of us (kind of a real-life situation).



I would like to ask your opinion in the following way:

 Let's say that you are the manager who has to say one statement (kind of a
bottom line):
  "Design that system according to the simplicity principle"
  or
  "Design that system according to the security principle"

 I would humbly ask for an answer in a "managerial style":
  first: what will be that bottom line.
  second: (kind of appendix) any explanation that you wish to add.


I'd have to go for secure. Simple is nice but if it lets all your data
leak out then it is useless.

Obviously secure and unusable is also bad but I think it is worse to
have the police after you for releasing your company's credit card
database than to have users complaining they have to log in twice or
perform extra steps to do an action.

Robin

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both
Instructor-Led and Online formats is the most concentrated exam prep
available. Comprehensive course materials and an expert instructor means you
pass the exam. Gain a laser like insight into what is covered on the exam,
with zero fluff! 

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------


