Getting humans into the loop for assuring security
Posted by Ken Y-N on August 3rd, 2009 at 03:57pm
This post on Iron Fog, a blog with the tag line “Thinking about security in this wonderful world of cloud based everything”, got me thinking, even though the post had very little to do with trusted computing. Talking about the security stack A6, Ben said:
There’s one problem, providing assurance can’t be done by machines alone – you need a human element, one that stands up and says “these results are true and good”. Outside of wild notions about black box mechanisms and trusted computing, I’m hard pressed to find a technology solution to achieve this.
Th entry goes on to discuss how ideas from financial reporting may be extended to cover security declarations. It’s an interesting post, despite the off-topicness.
Leave a Comment for Getting humans into the loop for assuring security