Title :
A patch in nine saves time?
Author :
Arbaugh, William A.
Author_Institution :
Dept. of Comput. Sci., Maryland Univ., Baltimore, MD, USA
fDate :
6/1/2004 12:00:00 AM
Abstract :
A fundamental fact in computer and network security is the impossibility of 100 percent assurance that a computer system is trusted. By trusted, we mean that the system always operates as expected by design and policy. For more than 25 years, the security community has focused on technology to solve these problems, yet information systems remain as vulnerable. Given the difficulties of developing software without potential vulnerabilities, we must develop best practices for "penetrate and patch" cycles and configuration management procedures.
Keywords :
authorisation; computer crime; computer networks; invasive software; computer network security; computer security; configuration management procedures; information system; trust; Best practices; Computer science; Computer security; Educational institutions; Information security; Information systems; Military computing; Mission critical systems; Monitoring; Software quality;
