0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 About

Senior PaperTomhave 13

problems, and they on you in turn. Of course, this approach is dependent on the good

will of the community, which is not always the case. However, when it comes to

capitalism, if you can make your resources useful to someone else, they will likely

reciprocate by making their resource available to you. In the end, the same objective

is achieved, despite different underlying mechanisms and rules for interaction. Having

established a strong foundation in education to work from, we can now get into areas

that are specific to security.

The first step in using education to improve security is to change the way people

think about security. Security is currently an after-thought, an add-on, or notinherent

in the system. As a result, many flaws exist between the implemented security

measures and the rest of the system. Instead, the move needs to be made away from

thinking of "Systems and Security" to the notion of "Secure Systems."Though this

may seem likely a trite linguistic shift, it really represents a major paradigm shift. By

thinking about security as being inherent in the system and building it in from the

beginning, systems will become much more stable in terms of security. Along with this

stability comes a decrease in the probability that flaws will exist between system and

security because the system is secure. How would this concept fit with OOD? Quite

simply, it means developing a superclass object that is inherently secure, rather than

developing a descended object that deals with security. In this way, security will

always exist in the system, rather than running the risk of leaving openings that can't or

won't be covered. From a management perspective, this idea equates to integrating

security concepts into strategic and operational planning from the beginning. Instead

of saying "We want to use the web for electronic commerce. And, oh yeah, we had

better encrypt the connection just to be safe." we will instead say "We want to conduct

electronic commerce in a secure environment. Therefore, we must first produce a fully

secured system and then build the site around that system, utilizing functionality such