Information security: science, pseudoscience, and flying pigs

Author

Schell, Roger R.

fYear

2001

fDate

10-14 Dec. 2001

Firstpage

205

Lastpage

216

Abstract

The state of the science of information security is astonishingly rich with solutions and tools to incrementally and selectively solve hard problems. In contrast, the state of the actual application of science, and the general knowledge and understanding of existing science, is lamentably poor. Still we face a dramatically growing dependence on information technology, e.g., the Internet, that attracts a steadily emerging threat of well-planned, coordinated hostile attacks. A series of hard-won scientific advances gives us the ability to field systems having verifiable protection, and an understanding of how to powerfully leverage verifiable protection to meet pressing system security needs. Yet, we as a community lack the discipline, tenacity and will to do the hard work to effectively deploy such systems. Instead, we pursue pseudoscience and flying pigs. In summary, the state of science in computer and network security is strong, but it suffers unconscionable neglect.

Keywords

Internet; computer network management; research and development management; security of data; Internet; coordinated hostile attacks; hard problems; information security science; information technology; network security; pseudoscience; scientific advances; system security needs; verifiable protection; Computer networks; Computer security; Information security; Information systems; Information technology; Information theory; Internet; Power system protection; Power system security; Pressing;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual

Print_ISBN

0-7695-1405-7

Type

conf

DOI

10.1109/ACSAC.2001.991537

Filename

991537