veryard projects - innovation for demanding change

security notions

notion finder
home page contact us
notion finder
other notions
on this page

[biometrics] [firewall] [fortress] [guard/guarded] [impersonation] [inference control] [patch] [privacy] [secrecy/secret] [security] [trust] [vaccination] [warrant]


Use of supposedly unique biological characteristics as a supposedly reliable method of identifying people.
Veryard Project Papers Biometrics


A system boundary or barrier that permits or denies access, depending on the identity of the source/destination of a message or transaction.

Normally doesn't deal with content.


A supposedly secure space, protected by barriers such as firewalls.
Veryard Project Papers Fortress Model

Guard, Guarded

A role associated with an attitude or state.  An attitude or state associated with a defensive role or position.


Pretending to be someone else.  Identity theft. 
Veryard Project Papers Identity
Internet Identity Theft

Inference Control

Infererence Control means preventing unauthorized people from using intelligent seaches and enquiries to penetrate confidentiality or privacy.
Veryard Project Papers Privacy and Confidentiality
Information Leakage
General Notes on Inference


A local, temporary fix to a larger problem.  People attach nicotine patches to their arms, and leather patches to their sleeves.

Among other things, software patches are applied to close security loopholes in systems.  There are at least four problems with this:
People Don't Apply Patches Users and administrators are overwhelmed with patches, and they simply don't apply them.
Developers Forget Patches New versions of software may restore the loophole, because the patch has been forgotten.
Patchy Patches The patches themselves may be flawed - either failing to close the loophole properly, or introducing further problems and side-effects.
Patch Interference Multiple patches may interact in unpredictable ways - especially if the sequence of applying the patches is important.

In broader intervention however, the question isn't whether patches work, but whether we have any other choice.  Any finite and manageable intervention into a large complex system is necessarily a patch - at least from some perspective.  Although our fantasies and plans may be more grandiose, we can only make real changes in patches (components).

The challenge is to weave many patches (components) together into a coherent fabric (system).   This is where we need an organic approach - something akin to Christopher Alexander. 

Veryard Project Papers Organic Planning


"Privacy is something we should all get over having lost." [Scott McNealy, Sun Microsystems CEO]
Veryard Project Papers Privacy

Who Owns Your Mother's Maiden Name?

Privacy and Granularity

Secrecy, Secret

In an electronic age, many secrets are provisional, contingent. Something you had long forgotten - a past indiscretion, a false rumour - can be posted on the Internet and disseminated around the world.

If you want to be elected to public office, or marry a Norwegian prince, you apparently have to accept this as a matter of routine - for your nearest and dearest as well as for yourself.

Paper records in dusty offices may be hard to access, and therefore "practically obscure". But these records are still public, and therefore vulnerable to sudden broadcast, if someone chooses to turn a searchlight on you.

Veryard Project Papers Do you have a secret past?
Information Leakage
Internet Practically Obscure


security  as fence Security is a container.  It keeps the good stuff in and the bad stuff out.
security as game Security is a battle between attackers and defenders. Attackers try to navigating a complex (and changing) space, where each place or state gives you access to certain other places or states, and visibility of some further places or states not directly accessible.  Defenders try to detect intrusion, close off as many access points as possible, set traps, and keep changing the configuration of the space. This is a topological way of conceiving security.
security as landscape Security involves a complex terrain, where some points are (or appear) more attractive or vulnerable than others - to a range of diverse stakeholders. Security involves a balance of risk and reward.
Veryard Project Papers Demanding Security


A property of a system or relationship based on expectations of reasonable and fair behaviour.
Veryard Project Papers Trust


Dealing with a serious threat by creating and injecting (or disseminating) a feeble and attenuated version of it.

Someone sent me a notice about a conference called The Joy of Work - about management and spirituality.  My heart sank at the thought of all those earnest and jovial people, waffling knowingly about spirituality in a five-star hotel at some fancy Mexican resort. (Nice work if you can get it, though.)

Such conferences are packaged to make them as undangerous as possible. Business is a complex self-healing system, perfectly capable of neutralizing any really dangerous ideas, including spiritual ones. Let's send a few maverick middle managers off to Mexico to be vaccinated - infused with a weak and warm teabag spirituality - so that they will become immune to the real thing. They can then return to their organizations and spout pseudo-spiritual jargon, which in turn increases the resistance to dangerous ideas within these organizations.

Vaccination works by educating and exercising the immune system. A network security manager might try and persuade staff NOT to open weird email attachments by disseminating an extremely weak software virus -- perhaps one that does something mildly annoying and embarrassing -- Code Pale Pink perhaps.

Veryard Project Papers Resistance


Authority to perform certain security-charged acts, granted by an independent body (such as a magistrate).
Veryard Project Papers Security and Warrants

veryard projects - innovation for demanding change

[home page]

[contact us]

This page last updated on June 9th, 2004
Copyright © 2001-2004 Veryard Projects Ltd
in asssociation with 
antelope projects
CBDi Forum