[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What is a security bug?



On Wed, Nov 23, 2005 at 12:59:02PM +0100, Florian Weimer wrote:
> Availability is typically considered one aspect of security (and
> arguably the hardest one to get right in networked applications).

I tend to consider it the other way around.  Security is a subset of
availability.  Availability must also take in to account things like
hardware failures, network problems, software configuration, etc.  It
also must account for security.  As a sysadmin, my primary interest is
not in the security of my services (if it was, I'd unplug them all!),
but in the availability.  Because security is one aspect of
availability, I must account for it when designing and maintaining
systems, but it can't be the ultimate goal, since a truly secure system
provides no availability.

noah

Attachment: signature.asc
Description: Digital signature


Reply to: