| |
At the end of this chapter, we would like to provide a list of general guidelines for the sake of making better security decisions. Again the below is only a partial list:
1. Requirements First: It could be surprising for some of you that although we almost finish this introductory chapter, we have not mentioned about cryptography, yet. Cryptography is a tool we use (an important tool, though) in order to achieve our security goals. As we will see in the subsequent chapters, cryptography is not a cure-all solution. There are some attacks for which cryptography can be useful but for others it is not. Therefore no matter how fancy a crypto device (or how nice the graphical user interface of a security software) looks like, you should first ask yourself whether you really need it or not. After security requirements are correctly and precisely specified, it would be much easier to design effective and reliable security architectures.
|
|
|
