- Admissibility: Is the host device/channel valid and safe?
- Authentication: Who are you?
- Authorization: What are you allowed to do?
- Availability: Is the data accessible?
- Authenticity: Is the data intact?
Tuesday, July 17, 2007
Most everyone associated with security is familiar with the standard four layer security model. Well, in August of last year Bruce Schneier published a brief update of this on his blog. Dave Piscitello proposed adding another layer. I liked it so much that I typed out the whole list and stuck it on my cube wall so I wouldn't forget it.