{"title":"很好的保证","authors":"Jeff Williams, M. Schaefer, Douglas J. Landoll","doi":"10.1109/NSPW.1995.492347","DOIUrl":null,"url":null,"abstract":"This paper describes the need for pretty good assurance: clearly stated claims about the security properties of systems accompanied by evidence that explains in clear terms why we should believe that these claims are substantiated. Several different types of threats are identified and their relationships to assurance are explored. The developer's role in creating on assurance argument is distinguished from the user's role in consuming assurance. Finally, some thoughts on the future are presented.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Pretty good assurance\",\"authors\":\"Jeff Williams, M. Schaefer, Douglas J. Landoll\",\"doi\":\"10.1109/NSPW.1995.492347\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper describes the need for pretty good assurance: clearly stated claims about the security properties of systems accompanied by evidence that explains in clear terms why we should believe that these claims are substantiated. Several different types of threats are identified and their relationships to assurance are explored. The developer's role in creating on assurance argument is distinguished from the user's role in consuming assurance. Finally, some thoughts on the future are presented.\",\"PeriodicalId\":111230,\"journal\":{\"name\":\"Proceedings of 1995 New Security Paradigms Workshop\",\"volume\":\"48 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1995-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of 1995 New Security Paradigms Workshop\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NSPW.1995.492347\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of 1995 New Security Paradigms Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NSPW.1995.492347","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This paper describes the need for pretty good assurance: clearly stated claims about the security properties of systems accompanied by evidence that explains in clear terms why we should believe that these claims are substantiated. Several different types of threats are identified and their relationships to assurance are explored. The developer's role in creating on assurance argument is distinguished from the user's role in consuming assurance. Finally, some thoughts on the future are presented.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
