Re: The Death of Defence in Depth ? - Aninvitation to Hack.lu

[Pavel Kankovsky <peak () argo troja mff cuni cz>]

On Wed, 10 Oct 2007, imipak wrote:

> The problem - well, *a* problem, anyway -  is that there are two
> contradictory axioms in infosec that are regularly cited to support or
> attack a particular strategy.
>
> "Defence in depth"

The lines of defense are as independent as possible.
The enemy does not win unless all of them are defeated.
Formally, the attacker has to satisfy a conjuction of conditions.

> "A chain is only as strong as it's weakest link".

The links of a chain are dependent.
The chain falls apart as soon as any of them are broken.
Formally, the attacker has to satisfy a disjuction of conditions.

There is no contradiction. You should try making the components of a
secure system as independent as possible, and any residual dependencies
should always go from less secure (and less important) components to more
secure (and more important) components, never the other way.

It was not difficult. Was it?


--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/