|
 How
Is Your Philosophy of Security Engineering?
Why Mindless Incremental Engineering is
dangerous to Security
By Roy D. Follendore III
Copyright (c) 2001 RDFollendoreIII
All Rights Reserved
When you take the time to step back and think about it,
it is self evident that all philosophy takes place in the mind and represents
the rational rules of perspective. It is not "out there", it is always "in
here". It what defines the universe and we use it as a tool to manage the
Universe. As humans we can adapt the philosophy that seems to best be
associated with who and what we are.
If Science and Engineering are part of our Universe then it is necessary to
have the means to consistently relate their practices within a coherent
association with who and what we are as members of our community. If we do not choose to conscientiously
do this then we will have chosen to allow the chaos of the Universe to drive our
goals, our aspirations and our ambitions. By the rules of the natural
universe, it should be apparent to all that the moment we give up the ideals of
reasoned and arguable order, we are instantly defeated by inherent process
of entropy. We must be willing to state and argue our philosophical perspective
if we are to entertain notions of the existence of acceptable verification and
validity.
For those of you who are bound by logic, consider the importance of managing
logic in a rational manner.
- Philosophy is the ultimate Science of Sciences and
the Engineering of Engineers.
- Philosophy is critical to Science just as it is
critical to the Science of Engineering Security.
Security Engineering means more than driving a stake into the ground and
making a stand on a policy argument. Security is not something that can be
or should be self supporting. It is an interdependent consideration of reason. Without a
comprehensive philosophy it becomes impossible
to determine where to best to place that stake and it it also becomes impossible
thereafter to decide where to move next. Without a valid Philosophy of
Security Engineering, there can be no valid scientific perspective from which to
compare and further develop technology. Without a Philosophy of Security Engineering we
are simply mindless masons laying viral bricks, not the architects of our
future. Without the notion of a valid philosophy we can not know what
we know.
As a global society we have to know and understand the
philosophical boundaries of security or we
can not know exploration of thought from malicious intent or intent from
practice. Without philosophical boundaries there is no difference between
truth and lies, privacy and justification, secrecy and lost opportunities.
If we do not establish a reasonable and justifiable Security Engineering as a Scientific
Philosophy then we shall be allowing technology to rule our motives and our
goals. The power of technology to save or to destroy the destiny of
man is upon us. If we do not control this great venture of communication
to which we as a race have launched ourselves then we will be at the mercy of
all of the possibilities that come from incremental events, however
small.
Establishing and maintaining an environment where a
comprehensive philosophy of security can flourish is obviously a serious
long-term intellectual undertaking but it is one that
will lead to wonderful discoveries, opportunities and advantages. It provides a
tremendous payoff.
This section is about my journey in discovering a new
Philosophy for Security Engineering. It is about changing the philosophy
of Security Engineering from a mindless secrecy creation activity into a mindful
knowledge productive process. It is about creating an understanding among
people that secure communication is appropriate internally within organizations
and can sometimes be even more appropriate between adversaries.
| 
