Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: Security Policy Model Creation for a Networked World

  1. #11
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    You are still mixing up a management policy (which is normally a bunch of useless platitudes) with an engineering concept that can be used to verify your security architecture.
    Actually, I'm not. Your engineering policy is useless without being tiered into the security model by the management layer.

    Your "tut" scoffs at this calling it "meaningless sound bits" however, without those sound bits your engineering model is about as useless as a one legged man in an ass kicking contest.

    That said, as a fellow engineer I can identify with the desire to stick it to the man because I too engage in the rhetoric daily. However, over the many years served in this industry I have come to understand and know my enemy. Management wants to be able to provide upward feedback that they have met the business requirements and the new legislation so they can continue to produce widgets. Management doesn’t care about technology or engineering; they care about the business. You are there to aid them in this, not the other way around.

    As my cohort catch has mentioned, your post is a collection of parts of many different models. Although I chose not to break it down to the level he has, you have to be honest and admit that this isn’t really a tutorial, rather, a collection of components fused together and spun from an engineer's point of view. Now, while I find your narcissistically cynical rant entertaining, it once again can be summed up by saying:

    Business Requirements + Mandated Requirements = Technical/Policy/Procedure Solutions.

    I’m done.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  2. #12
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    <paraphrase>If you build it they will crack it</paraphrase>

    Put any information into digital form, and you have lost control
    of it. Everyone has failed to learn the first lesson of the info age.
    We are in the middle of a paradigm shift. You cannot keep a secret.
    You cannot impose control over your own thoughts, much less
    the random foolishness of others. Anybody remember Barney Fife?
    I came in to the world with nothing. I still have most of it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •