Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ESORICS
1994
Springer
1994
Springer
Liability and Computer Security: Nine Principles
The conventional wisdom is that security priorities should be set by risk analysis. However, reality is subtly different: many computer security systems are at least as much about shedding liability as about minimising risk. Banks use computer security mechanisms to transfer liability to their customers; companies use them to transfer liability to their insurers, or (via the public prosecutor) to the taxpayer; and they are also used to shift the blame to other departments ("we did everything that GCHQ/the internal auditors told us to"). We derive nine principles which might help designers avoid the most common pitfalls.
Real-time TrafficConventional Wisdom | ESORICS 1994 | GCHQ/the Internal Auditors | Security Priorities | Security Privacy |
| Added | 09 Aug 2010 |
| Updated | 09 Aug 2010 |
| Type | Conference |
| Year | 1994 |
| Where | ESORICS |
| Authors | Ross J. Anderson |
Comments (0)
Researcher Info
|
