From the current IEEE Security & Privacy Journal, Service-Oriented Security Indications for Use. In which I go a little deeper into the diagnosis of the 13 year and counting infosec design fail, and delve into some prescriptions as well. Thanks to Alex for reminding me to add another line on the chart, but I missed th pub date on this one.
Recent Posts
- Process Improvement with Checklists
- 2008 Lessons Not Learnt
- I am a better Security Pro because I am an Investor & I am a better Investor Because I am a Security Pro
- Security Integration or How do we make Gene Spafford Smile?
- Who Manages App Gateways? Who Indeed? Yo La Tengo - Call in Security DevOps
- Dreaming a Little Appsec Dream
- Making a *Gasp* Tech Dividend Growth Fund
- Infosec Mindset
- Security Failure Scenarios
- Trust
Blogroll
- Adding Simplicity - An Engineering Mantra
- Adventures of an Eternal Optimist
- Andy Steingruebl
- Andy Thurai
- Anton Chuvakin
- Arnon Rotem-Gal-Oz's Cirrus Minor
- Beyond the Beyond
- cat slave diary
- Ceci n'est pas un Bob
- cgisecurity
- ConnectID
- Cryptosmith
- Diggings
- Emergent Chaos: Musings from Adam Shostack on security, privacy, and economics
- Enterprise Integration Patterns: Gregor's Ramblings
- Financial Cryptography
- Global Guerrillas
- infosec daily: blogs
- James Kobielus
- James McGovern
- John Hagel
- Justice League [Cigital]
- Kim Cameron's Identity Weblog
- Krypted - Charles Edge's Notes from the Field
- Light Blue Touchpaper
- MAKE: Blog
- Mark O'Neill
- O'Reilly Radar
- Off by On
- ongoing
- Patrick Harding
- Perilocity
- Pushing String
- Rational Survivability
- rdist: setuid just for you
- Rich Salz
- RiskAnalys.is
- Ross Mayfield's Weblog
- Rudy Rucker
- Software For All Seasons
- Spire Security Viewpoint
- TaoSecurity
- The New School of Information Security
- Thomas P.M. Barnett :: Weblog
- Windley's Technometria
- WorldChanging: Tools, Models and Ideas for Building a Bright Green Future
- zenpundit
« Risk Reification - Generational Differences | Main | Bob Gourley: The Law of the Rodeo »
The comments to this entry are closed.
SOS: Service Oriented Security
- Security > 140
- Open Group Security Architecture
- Reference Monitor for the Internet of Things
- Cloud Security: The Identity Factor
- Don't Trust. And Verify.
- Monitoring Up the Stack
- Security Gateway Buyer's Guide
- How to Do Application Logging Right
- 10 Quick, Dirty, & Cheap Things You Can Do to Improve Enterprise Security
- Thinking Person's Guide to the Cloud, Part 1
- Software Assumptions Lead to Preventable Errors
- Logging in the Age of Web Services
- Service-Oriented Security Indications for Use
- The Economics of Finding and Fixing Vulnerabilities in Distributed Systems
- Silver Bullet Security Podcast
Comments