More Security or Less Insecurity

Chowdhury, Partha Das; Christianson, Bruce

doi:10.1007/978-3-662-45921-8_18

Partha Das Chowdhury¹⁶ &
Bruce Christianson¹⁷

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7061))

Included in the following conference series:

Cambridge International Workshop on Security Protocols

413 Accesses
1 Citations

Abstract

We depart from the conventional quest for ‘Completely Secure Systems’ and ask ‘How can we be more Secure’. We draw heavily from the evolution of the Theory of Justice and the arguments against the institutional approach to Justice. Central to our argument is the identification of redressable insecurity, or weak links. Our contention is that secure systems engineering is not really about building perfectly secure systems but about redressing manifest insecurities.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Anderson, R.: Why cryptosystems fail. In: ACM Proceedings of the First Conference on Computer and Communications Security (1993)
Google Scholar
Anderson, R.: Security Engineering. Wiley, Inc. (2001)
Google Scholar
Anderson, R.: Why Information Security is Hard — An Economic Perspective. In: Proceedings of the 17th Annual Computer Security Applications Conference, p. 358 (2001)
Google Scholar
Anderson, R.: RIPA III: A legislative turkey comes home to roost. The tragic consequences of anti-crypto law. The Register (2009)
Google Scholar
BBC. Tax Records for Sale (2003), http://news.bbc.co.uk/1/hi/business/2662491.stm
Blaze, M., Feigenbaum, J., Strauss, M.: Compliance Checking in the PolicyMaker Trust Management System. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 254–274. Springer, Heidelberg (1998)
Chapter Google Scholar
Camenisch, J., Van Herreweghen, E.: Design and Implementation of the idemix Anonymous Credential System. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 21–30 (2002)
Google Scholar
Chaum, D.: Untraceable Electronic Mail, Return Addresses and Digital Pseudonyms. Communications of the ACM 24(2), 84–90 (1981)
Article Google Scholar
Chaum, D.: Security without Identification: Transaction Systems to Make Big Brother Obsolete. Communications of the ACM 28(10), 1030–1044 (1985)
Article Google Scholar
Chaum, D.: Achieving Electronic Privacy. Scientific American, 96–101 (August 1992)
Google Scholar
Christianson, B., Harbison, W.: Why Isn’t Trust Transitive. In: Crispo, B. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 171–176. Springer, Heidelberg (1997)
Chapter Google Scholar
Chowdhury, P.D.: Anonymity and Trust in the Electronic World. PhD thesis, University of Hertfordshire (2005)
Google Scholar
Das Chowdhury, P., Christianson, B., Malcolm, J.A.: Anonymous Context Based Role Activation Mechanism. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2005. LNCS, vol. 4631, pp. 315–321. Springer, Heidelberg (2007)
Chapter Google Scholar
Ferraiolo, D., Sandhu, R., Gavrilla, S., Kuhn, R., Chandramouli, R.: Proposed NIST Standard For Role Based Access Control. ACM Transactions on Information and Systems Security 4(3), 224–274
Google Scholar
Harbison, W.: Trusting in computer systems. Technical Report 437, University of Cambridge (1997)
Google Scholar
Minutes of Evidence Taken Before Home Affairs Committee House of Commons. Inquiry into identity cards (2004), http://www.publications.parliament.uk/pa/cm200304/cmselect/cmhaff/130/13002.htm
KohnFelder, L.M.: Towards a practical public key cryptosystem. BS thesis, M.I.T (1978)
Google Scholar
Clifford Neuman, B.: Theodore T’so. Kerberos: An Authentication Service for Computer Networks. IEEE Communications 32(9), 33–38
Google Scholar
Sandhu, R.: Lattice Based Access Control Models. IEEE Computer 26(2), 9–19 (1993)
Article Google Scholar
Sen, A.: The Idea of Justice. Penguin (2009)
Google Scholar
Times News Service. Kolkata police set up blog for popular feedback (2009), http://timesofindia.indiatimes.com/city/kolkata/Kolkata-Police-set-up-blog-for-popular-feedback/articleshow/5034239.cms

Download references

Author information

Authors and Affiliations

Emotions Infomedia, India
Partha Das Chowdhury
University of Hertfordshire, UK
Bruce Christianson

Authors

Partha Das Chowdhury
View author publications
You can also search for this author in PubMed Google Scholar
Bruce Christianson
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

University of Hertfordshire, AL10 9AB, Hatfield, Hertfordshire, UK
Bruce Christianson & James Malcolm &

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Chowdhury, P.D., Christianson, B. (2014). More Security or Less Insecurity. In: Christianson, B., Malcolm, J. (eds) Security Protocols XVIII. Security Protocols 2010. Lecture Notes in Computer Science, vol 7061. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45921-8_18

Download citation

DOI: https://doi.org/10.1007/978-3-662-45921-8_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45920-1
Online ISBN: 978-3-662-45921-8
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics