Uncovering Assumptions in Information Security

Armstrong, Helen; Bishop, M.

19581_downloaded_stream_99.pdf (139.4Kb)

Access Status

Open access

Authors

Armstrong, Helen

Bishop, M.

Date

2005

Type

Conference Paper

Metadata

Show full item record

Citation

Armstrong, Helen and Bishop, Matt. 2005. : Uncovering Assumptions in Information Security, in Miloslavskaya, Natalia and Armstrong, Helen (ed), WISE4 Forth World Conference "Information Security Education ", May 18 2005, pp. 223-231. Moscow, Russia: Moscow Engineering Physics Institute (State University), Russia.

Source Title

Success Through Information Security Knowledge - Proceedings of the IFIP TC11 WG 11.8 Forth World Conference "Information Security Education" (WISE4)

Source Conference

WISE4 Forth World Conference "Information Security Education "

Additional URLs

http://www.ifip.org/home.html

Faculty

Curtin Business School

School of Information Systems

Remarks

This article originally published by the International Federation for Information Processing.

URI

http://hdl.handle.net/20.500.11937/37157

Collection

Curtin Research Publications

Abstract

The design and implementation of security is based upon many assumptions. This paper discusses the need for students to learn to question assumptions, and in so doing identify unrealistic or incorrect assumptions and any associated policies. More realisticassumptions can then made and/or procedures implemented to protect against violation ofthe assumptions. A number of examples in the context of teaching computer security arediscussed and some methods of teaching awareness of assumptions presented.