• Complain

Wes Kussmaul - Dont Get Norteled: Authenticity works where information security technology has failed us

Here you can read online Wes Kussmaul - Dont Get Norteled: Authenticity works where information security technology has failed us full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2015, publisher: PKI Press, genre: Politics. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Wes Kussmaul Dont Get Norteled: Authenticity works where information security technology has failed us
  • Book:
    Dont Get Norteled: Authenticity works where information security technology has failed us
  • Author:
  • Publisher:
    PKI Press
  • Genre:
  • Year:
    2015
  • Rating:
    3 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 60
    • 1
    • 2
    • 3
    • 4
    • 5

Dont Get Norteled: Authenticity works where information security technology has failed us: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Dont Get Norteled: Authenticity works where information security technology has failed us" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

The Wall Street Journal reports that the demise of multi-billion-dollar Nortel Networks was largely due to a few stolen passwords. Could the same thing happen to your company? Learn why information security technology cant prevent identity attacks and learn what will prevent identity attacks.
So ask yourself: Do you think its possible to determine the intentions and character of the sender of a stream of bits? Isnt that like asking your buildings receptionist to determine the intentions and character of everyone who walks through the door?
Of course you wouldnt do that. Instead, you would have her or him issue a badge identifying who is responsible for what happens while theyre in the building. Its not about guard dogs and razor wire, its about accountability.
If your company is relying upon firewalls and intrusion detection systems and intrusion prevention systems and antimalware and security information event monitoring and similar stuff, it is relying upon the assumption that you can determine the intentions and character of the sender of a stream of bits.
In Dont Get Norteled, youll learn why identity is at least as important as identity management, and youll learn how to implement a system of pervasive digital signatures from measurably reliable identity credentials.

Wes Kussmaul: author's other books


Who wrote Dont Get Norteled: Authenticity works where information security technology has failed us? Find out the surname, the name of the author of the book and a list of all author's works by series.

Dont Get Norteled: Authenticity works where information security technology has failed us — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Dont Get Norteled: Authenticity works where information security technology has failed us" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make

DONT GET NORTELED Copyright 2014 by Wes Kussmaul All rights reserved No - photo 1

DONT GET NORTELED Copyright 2014 by Wes Kussmaul All rights reserved No - photo 2

DONT GET NORTELED

Copyright 2014 by Wes Kussmaul. All rights reserved. No part of this book may be reproduced in any form by any electronic or mechanical means, including photocopying, recording, or information storage and retrieval, without permission in writing from the publisher.

Excerpts from publications of The Internet Society Copyright The Internet Society (1999). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards, in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.

Ten Risks of PKI: What Youre Not Being Told About Public Key Infrastructure, originally published in Computer Security Journal, Vol. 16, No. 1, 2000, is reproduced with the kind permission of Carl Ellison and Bruce Schneier. Portions of Improvements on Conventional PKI Wisdom from the Proceedings of the First Annual PKI Research Workshop are reproduced with the kind permission of Carl Ellison. The World e-Trust Memorandum of Understanding (MoU) is reproduced by permission of the International Telecommunication Union.

Identity is the Foundation of Security, Tabelio, InDoors, Dorren, Quiet Enjoyment, Quiet Enjoyment Infrastructure, PEN, and QEI are trademarks of The Authenticity Institute, Inc. Village and VIVOS are U.S. registered trademarks of Global Villages, Inc. Other trademarks mentioned in this book are the property of their owners. Patents pending.

Kussmaul, Wes, 1946-

Dont Get Norteled: Authenticity Works where Information Security Technology Has Failed Us

by Wes Kussmaul.

ISBN -13: 978-1-931248-25-9

ISBN-10: 1-931248-25-7

1. TelecommunicationSecurity measures. 2. InternetSecurity measures.

3. False personationPrevention. 4. Privacy. I. Title.

For my wife

Maria Lewis Kussmaul

Contents

Part I of QEI
People: The Authenticity Infrastructure
Part II of QEI
Places:The InDoors Infrastructure
Part III of QEI
Things:The Common Vocabulary Infrastructure

Who are you?

I really want to know.

- The Who, Who Are You?

Foreword

by Dan Geer

The single most important step in engineering is to get the problem statement right. This is as true in social engineering as it is in information systems engineering. Wes Kussmauls book is an attempt to do just that: to get the problem statement right, and to do so where social and information systems engineering meet, which is to say security. He deserves a gold star for even trying.

Such work is not easy. Those who say it is easy are either fools or charlatans. Kussmaul is neither a fool nor a charlatan. He brings to the task the benefit of prolonged study but he has necessarily bitten off a lot; the question for you, the prospective reader, is can you chew what he has bitten off? The answer is a hopeful yes, but it is not trivial the way marshmallow fluff is trivial. This is difficult territory because it is important.

The four verities of governance are:

Most important ideas are not exciting.

Most exciting ideas are not important.

Not every problem has a good solution.

Every solution has side effects.

In no part of modern life is this more true than in the interplay around security. Security is about tradeoffs between simplicity and flexibility, between effectiveness and precision. Forks in the road appear at every turn, between security and privacy, between the public and the private, between the national and the local, and so forth. To get the big picture, as it is generally called, is very, very difficult. Getting the big picture absolutely does not mean backing off far enough that you can make blurry pronouncements as if details didnt matter security is exactly where details matter most. Getting the big picture in security means to have a near-complete view of every detail.

Why every detail? Because for security to work you have to know how it fails. If that doesnt strike you as profound, pause for a moment and re-think your intuition. How security fails drives how security can be applied and how it can advance; for that reason the details matter, and they matter enormously. All the security technologies and strategies that have been developed to date have something to teach us about what not to do next time. If we grasp the failure modes then we can make progress. If we cannot, then we are doomed to reinventing the unworkable.

In that bigger picture we, all of us, are jointly at a considerable crossroad with respect to security. There is no doubt that information society is an apt enough description of the future. Thus the main and nearly philosophical question before us is whether we craft security technology that conforms to the real world intuitions of real people, or whether we expect those real people to conform to the security technology that we actually build. In other words, what is the problem statement?

Kussmaul attempts to answer this. and because he is looking forward there is necessarily some speculation to what he has to say. Perfect predictions of possible futures do not exist and because security is largely about tradeoffs he has to make some. This is a sign of rationality because it is only the fool or the charlatan who says that You can have it all. Instead, Kussmaul starts from What do we want? and from that derives What do we need? He understands that trust is efficient but only if there is recourse to its misuse. He understands the real world intuitions of real people and deftly uses analogies of the physical world to derive what is missing in todays security solutions.

He has even gone so far as to practice what he preaches. He establishes a base point that identity must matter and from there critically reviews nearly every one of the security worlds existing answers to the identity question. He is skeptical (what the great thinker Santayana recommended by calling skepticism the chastity of the intellect) but, as every businessman has learned, there is no point in complaining if you dont have an alternative. This book is both that complaint and that alternative. Kussmaul has become an Individual Adherent of the Latin Notariat (read on). He has implemented the technology for his vision if for no other reason than to prove by demonstration that it is can be done. His effort, in other words, is the real thing.

It is, of course, true that in the social and technology marketplaces the best product frequently does not win. If best always won there would be no need for advertising, after all. This is perhaps especially true when it comes to technologies that succeed most when they are least visible, and that describes security technology particularly well. In fact, one of the National Science Foundations four grand challenges in digital security is to make being safe no longer require being an expert. If being safe is to not require massive re-education then being safe will have to rely on one of two things: the publics intuitive and thus willing participation in its own security, or the publics outsourcing its safety to someone else to take care of it for them a privatized digital nanny state. To this writer, the latter is anathema.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Dont Get Norteled: Authenticity works where information security technology has failed us»

Look at similar books to Dont Get Norteled: Authenticity works where information security technology has failed us. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «Dont Get Norteled: Authenticity works where information security technology has failed us»

Discussion, reviews of the book Dont Get Norteled: Authenticity works where information security technology has failed us and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.