Announcements

Center for Information Protection
UC Davis is planning to join the NSF I/UCRC Center for Information Protection. We are looking for companies to join our Industrial Advisory Board.
Find out more here!

Conferences and Workshops

ISGIG 2009
ACSAC 25
PETRA 2010 (due 11/15)
Oakland 2010 (due 11/18)

My Links

Other Links

This Quarter’s Classes

Office Hours for This Quarter

Contacting Me

Best Practices and Worst Assumptions

Citation

M. Bishop, “Best Practices and Worst Assumptions,” Proceedings of the 9th Colloquium for Information Systems Security Education pp. 18–25 (June 2005).

Paper

Abstract

The development of best practices and checklists to improve system security has popularized techniques and technologies for strengthening systems. These techniques provide a basis for teaching the importance of assumptions in computer and information security, and the necessity of questioning them. We present an example of analyzing a set of security guidelines to determine the underlying assumptions, and give examples of how to demonstrate the importance of the assumptions to the effectiveness of the guidelines.

Copyright Notice

©2005 by the Colloquium for Information Systems Security Education. This is the author’s version of the work. It is posted here for your personal use. Not for redistribution. The definitive version was published in Proceedings of the 9th Colloquium for Information Systems Security Education, June 2005.

Last updated on Monday, July 20, 2009 at 10:33:15AM PDT