TY - CONF AB - In this paper, we present a set of security requirements for critical systems, fundamental premises that those requirements would entail, and ideas for implementations that would instantiate those premises. We discuss the overriding requirement guiding our paradigm: that "first principles" reflects the only real security strategy, where first principles are ideally provable, often measurable; and at minimum, possible to order and bound. These principles allow us to take into account that many security policies may be even be in conflict, and as such, proofs, measures, and ordering gives an analyst (or even better, an automated system) the metrics that one needs in order to make informed decisions about how to resolve conflicts. We demonstrate several metrics that enable this, including state replication, data slicing, collusion, and information theory. AD - New York, NY, USA AU - Peisert, Sean AU - Talbot, Ed AU - Bishop, Matt T2 - Proceedings of the 2012 Workshop on New Security Paradigms Y2 - September SP - 15 EP - -26 PB - ACM T1 - Turtles All the Way Down: A Clean-Slate, Ground-Up, First-Principles Approach to Secure Systems PY - 2012 ER -