- Author(s): Bishop, Matt
- Ford, Richard
- et al.
Published Web Locationhttp://ieeexplore.ieee.org/document/6112325/
Current security practice is to examine incoming messages, commands, data, and executing processes for attacks that can then be countered. This position paper argues that this practice is counterproductive because the number and variety of attacks are far greater than we can cope with. We propose a results-oriented approach, in which one focuses on the step of the attack that realizes the compromise. Thus, the manner in which the compromise is effected becomes less important than the actual result, and prevention, detection, and recovery efforts are focused on that.
Many UC-authored scholarly publications are freely available on this site because of the UC Academic Senate's Open Access Policy. Let us know how this access is important for you.