Why new Secure Internet solutions are technically Hard
Information Security is both very hard and very easy at the same time. Not only are Internet Nasties a nuisance, or worse, they prevent the new, useful Applications and Networks like e-Commerce, i-EDI, e-Health, e-Banking, e-Government and other business/commercial transactions systems. Perfect Security isn't possible: ask any bank. Defenders need to be 100.00% correct, every minute of every day. Attackers need just one weakness for a moment to get in. Not all compromises/breaches are equal: from nothing of consequence, up to being in full control with system owners not being aware of it. All 'Security Systems' can only be "good enough" for their role, which depends on many factors. How long do you need to keep your secrets? Minutes or Decades? Building a system isn't an end-point: "Information Security is a journey, not a destination" (Schneier) Security has two aspects: creation and operation or patrolling. Not only do you have to build it safe, ...