Authorization is a Puzzle, Authentication is Mystery

April 22nd 2008 03:25 pm

Gunnar Peterson and I have crossed paths on various occasions and he forwarded me a link to a recent blog entry of his: Authorization is a Puzzle, Authentication is Mystery. The distinction of puzzle versus mystery makes me think of another security either/or: intentions versus mechanisms. We often have a succinct statement of what we want, but it’s not always something the mechanisms can really do.

A favorite example in operating systems: sometimes you want to restrict ‘read’ access to ‘execute only’ so that processes can only retrieve from that part of RAM while fetching an instruction. Often there’s a trade secret (or military secret) being protected, but the technology can’t quite do what is desired.
