[Cryptography] The Laws (was the principles) of secure information systems design

John Denker jsd at av8n.com
Wed Jul 13 02:47:14 EDT 2016


On 07/12/2016 01:30 PM, Peter Fairbrother wrote:

> I've been revising the principles, and came up with this. It's an early version.
> 
> As ever, corrections and suggestions are welcome.

Let's not forget the most important law of all.  There is one law to
rule them all, and in the darkness to bind them:  Murphy's law.

For example, we can use this to clarify the following:

> Law 13: Nothing ever really goes away 

Nothing ever really goes away, unless you were trying to preserve it.

Seriously, on almost any given day, more people suffer from having not
enough copies of their data (e.g. disk crash) than from having too many
copies of their data (e.g. theft of private information).

==============

Tangentially related:

> Law 11: Security is a Boolean

... and the boolean value is always false.  When the pointy-haired boss
asks, "Will it be secure if we do ....." the security expert answers
"NO" without waiting to hear the rest of the question.  Nothing is
ever secure in the boolean sense.  Instead the expert asks, "How much
risk can you afford, and how much are you willing to spend to mitigate
the risk?"

To which the pointy-haired boss responds "zero, and zero."

==============

Also related to all of the above:  Security (in the sense used in
this forum) is never the whole story.  I can secure my laptop by
putting it in a safe, welding the door shut, and storing it in a
locked room with armed guards posted outside.  The problem is,
that detracts from the usability.

The challenge is to provide security while also providing high
availability and high usability.

These are complicated issues.  For example:
  -- The 9/11 plotters go undetected, and people ask, why didn't
   you do a better job of sharing the data and connecting the dots?
  -- Then Pvt. Manning comes along, and people ask, why didn't
   you do a better job of compartmentalizing the data?

All the simple answers are wrong.
All the pithy laws are wrong. 


