1. the security functinality triangle

what is the the security functinality triangle? i couldn't find nothin of google that would explain this term.

2. God:

The easiest way to imagine the extent of functionality is a triangle with Functionality, Ease of Use and Security at the 3 corners. If there is too much functionality, there will be nominal security and it would be very hard to use for the average person. Alternatively, if it is too easy there will be almost no security or functionality. Finding the optimal point on the triangle is the hardest part of this step and involves taking into account the average computer literacy of the organizations user base.
Found here from this Google search

Hope this helps.....

3. sorry i did not put the & i thought that google put it by default

4. Quod

You may not understand Boolean parameters.......................try putting things in parentheses (inverted commas) like "this"................it will string all words together?

Cheers

5. what are the sides of the triangle??

6. Quod

FUNCTIONALITY has an "o" in it huh?..............Google is for people who have some intelligence?.............it assumes that you spell the words correctly?

Cheers

7. you don't need the &. Actually, google drops them when you do the search...

without the & it is the 4th link that I got on google.

8. Soul: Then why was it the first with my "&"'s?

The first search I did didn't look as good but it is the one you are talking about. I only scan the first 2 or 3 results to see if they are getting close... My &'s put what I wanted at the top so Google doesn't drop them..... It means I _insist_ that _all_ words are in the result as opposed to the site with the most of _some_ of the words are in the result.... It's a big difference..... Though not really in this case...

9. Looks like this is turning into a "how to use google" thread, which is a shame, because the original question is a good one.

The security functionality triangle/triad is an interesting concept, but it has never really caught on at higher levels. the reason for this is that iccomplete, difficult to quantify, and is frequently misapplied.

Incomplete because it fails to include "time" and or "cost", which I'll touch on in a moment.

Difficult to quantify... "what makes this easy to use? is it eaiser or harder now?" Though functionality and security are possible to accurately quantify.

The idea of security/usability/functionality all making up finite, mutually exclusive fails to apply to computer systems. (why it is most frequently applied) Computer security can be absolute the only road block is system cost. It is possible for formally verify every single state a system can ever exist in and ensure each state to be secure, with no regard for functionality/usability, though these things make the system more complex so the cost goes up, typcally way up. In physical environments (like banks for example) this model is more applicable, but still here it lacks the key component "time." If you have F functions that a banker can do and each function takes T time with a level of S security for example... and you desire to make the system more usable you have a few options:

If you wish to keep T constant and you add more fluff (extra steps is typically how you get greater easy of use) to ease usage: U , F and S must decrease. However you can also keep T constant and decrease either F or S at a rate of inverselt proportional to its counterpart.
But what if we can work with T? Now lets add more U and keep F the same... if we add more time this is possible and we can even keep S the same, with added checkpoints for the increase in U by adding still more time.

In short this is a good thorey to know, but I wouldn't base any work on it.

catch

10. so it is a triangle model that basicaly says that you could sacifice security usability/functionality and increase security for less usability/functionality. and the reason it is not refered to as often is because it lackes the valiable of time.
catch thank for the info although you lost me on the last 2 paragraph when you talk about banks, and time. could you please explain it in different words, and if i already have it on my first sentance , then thank you.

Page 1 of 2 12 Last

Posting Permissions

• You may not post new threads
• You may not post replies
• You may not post attachments
• You may not edit your posts
•