Componentization of Security Principles

July 2014
Topics: Cybersecurity, Information Security Technologies, Computer Security, Technological Innovations, Information Privacy
Justin Richer, The MITRE Corporation
Dazza Greenwood, MIT Media Lab
Bruce J. Bakis, The MITRE Corporation
Download PDF (136.55 KB)

Security of computer systems is not a simple topic. As desirable as it would be, there exists no control that could be turned to “Maximum Security” without affecting other factors such as cost or usability. In reality, all security decisions are made in a complex context with various tradeoffs. Recognizing security as a contextual problem offers an occasion to view different aspects of security in a componentized way. These components depend on the context in which the security decision is being made, and some components follow here.

In this paper, the authors present a position on the value of componentizing security principles. They then discuss a set of emerging technologies that are able to make full use of such componentized principles. Finally, they present a high-level case study of one company’s deployment of this technology. 


Publication Search