Lessons Learned in Implementing and Deploying Crypto Software

نویسنده

  • Peter Gutmann
چکیده

Although the basic building blocks for working with strong encryption have become fairly widespread in the last few years, experience has shown that implementers frequently misuse them in a manner that voids their security properties. At least some of the blame lies with the tools themselves, which often make it unnecessarily easy to get things wrong. Just as no chainsaw manufacturer would think of producing a model without a finger-guard and cutoff mechanism, so security software designers need to consider safety features that will keep users from injuring themselves or others. This paper examines some of the more common problem areas that exist in crypto security software, and provides a series of design guidelines that can help minimise damage due to (mis-)use by inexperienced users. These issues are taken from extensive real-world experience with users of security software, and represent areas that frequently cause problems when the software is employed in practice.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Lessons Learned from Implementing a Scalable Paas Service by Using Single Board Computers

When a Platform-as-a-Service is demanded and the cost for purchase and operation of servers, workstations or personal computers is a challenge, single board computers may be an option to build an inexpensive system. This paper describes the lessons learned from deploying the private cloud PaaS solution AppScale on single-node systems and clusters of single board computers.

متن کامل

Theory versus Application: A Study to Determine the Right Choice in Deploying an Enterprise Resource Planning (ERP) System

This paper discusses the critical use and lessons learned from the single case model while implementing an Enterprise Resource Planning (ERP) system at a leading university. The researcher examined one university’s business ERP in the deployment of a new enterprise system, a complex phenomenon which took place over several stages and involved different players at each stage. The paper discusses...

متن کامل

Lessons Learned in Deploying a Multi-Agent Learning Support System: The I-Help Experience

In this paper we look at the lessons learned from several large-scale real world deployments of the I-Help agent-based peer-help learning support system. These lessons divide into two main categories: software engineering lessons and usage lessons. In the deployments of I-Help to date we have learned a number of important things about the technology needed to support widespread use of a distrib...

متن کامل

Project risk management: lessons learned from software development environment

The challenges and realities in applying effective software risk management processes are difficult, in particular integrating the risk management processes into software development organizations. However, the benefits of implementing effective risk management tools and techniques in software development project are equally great. Current perceptions and emerging trends of various software ris...

متن کامل

Project risk management : lessons learned from software

58 The challenges and realities in applying effective software risk management processes are difficult, in particular integrating the 59 risk management processes into software development organizations. However, the benefits of implementing effective risk manage60 ment tools and techniques in software development project are equally great. Current perceptions and emerging trends of various 61 ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2002