|
In this chapter, we analyzed the effectiveness of two good security designs. Each provided multiple layers of defense using different security techniques to provide defense in depth, and each would prove difficult for a real-world attacker to break into. However, as good as they were, we were able to identify areas in each that could be improved. The process we used to accomplish this was adversarial review. Instead of concentrating on what the security architecture prevented, we concentrated on what it might allow. As is often the case, a design might allow far more than you expect. When performing your own adversarial review, keep a few things in mind:
It is much better for you to conduct this review than to allow the vast collection of Internet attackers to perform it for you. We hope this chapter has provided you with the incentive to look at your designs in a new light. |
|