Section 18.5. Conclusion


Security work seems very much like war, espionage, or intense gaming. The security admins know things the attackers don't, and vice versa, and each is trying to use his knowledge to the other's disadvantage, while keeping the knowledge secret. It seems very much like watching a game of cat-and-mouse as the security admins take advantage of vulnerabilities in the attackers' tools to observe their activity, deliberately allowing machines to remain compromised in order to trace the attack. Meanwhile, the attackers keep discovering new vulnerabilities to make further attacks.

Security administrators work on the front lines defending against people who are trying to compromise the computer systems that support much of our modern society. At times, security admins might appear paranoid, but there really are people out to get them. In this chapter, we introduced the work practices, tools, and needs of this important group as revealed through our field observations and interviews. Security work involves research into emerging threats, situational awareness of system status, integration and processing of data from multiple sources, and, most importantly, human judgment as to whether a particular pattern of activity is legitimate. As computer systems continue to increase in number and complexity, and as network traffic continues to increase, this work will only get harder unless better tools are developed.



Security and Usability: Designing Secure Systems That People Can Use
ISBN: 0596008279
Year: 2004
Pages: 295
