Abstract
Attackers are more likely to attack a system at its weak points, which makes knowledge of the weakest link critical. In part this depends on knowing your likely attackers: What’s the weakest link for a suicide bomber will be different from the weakest link for a petty burglar. All systems have a weakest link, and there are several general strategies for securing systems despite their vulnerabilities. Defense in depth ensures that no single vulnerability can compromise security. Compartmentalization ensures that a single vulnerability cannot compromise secure entirely. And choke points reduce the number of potential vulnerabilities by allowing the defender to concentrate his defenses. In general, tried and true countermeasures are preferable to innovations, and simpler overlapping countermeasures are preferable to highly complex stand-alone systems. However, because attackers inevitably develop new attacks, reassessment and innovation must be ongoing.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Rights and permissions
Copyright information
© 2003 Bruce Schneier
About this chapter
Cite this chapter
(2003). Security Is a Weakest-Link Problem. In: Beyond Fear. Springer, New York, NY. https://doi.org/10.1007/0-387-21712-6_8
Download citation
DOI: https://doi.org/10.1007/0-387-21712-6_8
Publisher Name: Springer, New York, NY
Print ISBN: 978-0-387-02620-6
Online ISBN: 978-0-387-21712-3
eBook Packages: Springer Book Archive