I find it interesting how guiding principles don't survive across IT disciplines. Take, for example, the concept of a security stance: your site's attitude toward security. The two fundamental postures are the secure "default deny" stance and the reactive "default permit" stance. In the "default deny" stance, you specify only what you allow and deny the rest, whereas with the "default permit" stance the opposite is true: you specify only what you prohibit and allow the rest. The shortcoming of the default permit stance, of course, is that you must know what you need to deny prior to the exposure. This paper intends to apply the lessons learned from the lower levels of the OSI model to the upper layers.
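The two stances applied at the application layer, as an added example that is not taken from the paper: the same constructed HTTP-style requests are run through a default-permit filter and a default-deny filter. The route `/report`, the parameter names, and the deny pattern are all assumptions made for illustration.

```python
import re

# Constructed sample requests (method, path, query parameters); not from the paper.
REQUESTS = [
    ("GET", "/report", {"id": "42"}),                   # expected, legitimate
    ("GET", "/report", {"id": "42 OR 1=1"}),            # pattern the denylist knows
    ("GET", "/report", {"id": "42", "debug": "true"}),  # parameter nobody anticipated
    ("TRACE", "/report", {}),                           # method nobody anticipated
]

# Default permit: enumerate what is prohibited, allow everything else.
DENY_PATTERNS = [re.compile(r"\bOR\b\s+\d+=\d+", re.I)]

def default_permit(method, path, params):
    for value in params.values():
        if any(p.search(value) for p in DENY_PATTERNS):
            return False
    return True  # anything not already known to be bad gets through

# Default deny: enumerate what is allowed, refuse everything else.
ALLOW = {
    ("GET", "/report"): {"id": re.compile(r"\d{1,9}")},
}

def default_deny(method, path, params):
    rules = ALLOW.get((method, path))
    if rules is None:                 # unknown method or path
        return False
    if set(params) - set(rules):      # unknown parameter name
        return False
    # every supplied value must match its allowed shape in full
    return all(rules[name].fullmatch(value) for name, value in params.items())

def compare(requests):
    """Return (default_permit, default_deny) decisions for each request."""
    return [(default_permit(*r), default_deny(*r)) for r in requests]

if __name__ == "__main__":
    for req, (permit, deny) in zip(REQUESTS, compare(REQUESTS)):
        print(req, "default-permit:", permit, "default-deny:", deny)
```

The last two requests are the shortcoming described above: the default-permit filter passes them because nobody listed them in advance, while the default-deny filter refuses them without needing to know they exist.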