the separation of security and software

We’ve all heard of “security from ground up”, “security is not a feature, it’s a process”, “Embedded security”, “Security awareness”. All of this sounds like self-censorship applied to the software developer.

Today, I chanced upon James McGovern’s Firewall 2.0, which reminded me of a discussion I had recently with Marc Blanchet about how the Security section became mandatory in every RFC. My argument could be formulated this way: “This move goes against a basic good design principle: separation of concerns”. Then I acknowledged that this fits into a more general movement in favor of security.

Generally speaking, security comes at the cost of freedom. There is no workaround. Yet freedom is essential to development, including software development. Security and development are two antagonistic values, and there should be two antagonistic powers behind them. No one should care about security and development at the same time; otherwise he will certainly break both.


2 Comments

  1. sme
    Posted April, 17 2008 at 19:01

    Interesting thoughts. I beg to differ, however, on the freedom aspect of coding. What about performance and other non-functional requirements that constrain software development? Separation of concerns isn’t possible in these cases either, and developers are required to keep them in mind during development. When a product isn’t performing well, developers and designers are held accountable. Why should it be any different for security?

  2. Posted June, 28 2008 at 17:49

    Because security depends on context. What is secure in a certain context is not in another. What is secure for me is not for you. Moreover, what is secure now will maybe not be tomorrow. It’s more like a feeling than anything else. It depends on risk, which of course can be empirically evaluated. But evaluating risk, as a task, has nothing to do with code. It has more to do with sociology, geopolitics… something like that.

    I don’t think a plain coder is a suitable person to do security. And if he does, he has to be focused on that.

