NDLI: E-Prime for security: a new security paradigm

Please wait, while we are loading the content...

Cent, five cent, ten cent, dollar: hitting botnets where it really hurts

Challenging the anomaly detection paradigm: a provocative discussion

Sanitization models and their limitations

Googling considered harmful

E-Prime for security: a new security paradigm

Diffusion and graph spectral methods for network forensic analysis

PKI design for the real world

Dark application communities

Inconsistency in deception for defense

Large-scale collection and sanitization of network security data: risks and challenges

A pact with the devil

E-Prime for security: a new security paradigm

Content Provider	ACM Digital Library
Author	Greenwald, Steven J.
Abstract	This paper details a true and striking paradigm shift: the use of E-Prime for (at least) user-centered security, organizational/enterprise security policies and informal security policy modeling. In 1965, D. David Bourland, Jr. proposed E-Prime as an addition to Korzybski's General Semantics. Bourland defined E-Prime as that proper subset of the English language that omits any forms of the verb "to be." E-Prime seems desirable because two forms of the verb "to be" have structural problems with security implications that the use of E-Prime would eliminate. I first examine the rationale for E-Prime (reviewing the Sapir-Whorf hypothesis and the relevant parts of General Semantics), and then cover the basics of E-Prime. Next I examine the use of E-Prime with several "before and after" examples in the areas of user-centered security (Microsoft and ZoneAlarm software messages), organizational/enterprise security policy, and informal security policy modeling (including some examples from the U.S. Computer Security Act and the Clark-Wilson model); these examples show how EPrime can make great improvements in eliminating bad structure and how its use can lead to an overall improvement in security. I then present some of the discussion that occurred at the New Security Paradigms Workshop. I conclude with some thoughts for other areas of promising future research, including roles and responsibilities, program management, risk management, planning and the security life cycle, assurance, disaster planning, incident handling, user awareness and training, support and operations, spam detection, security engineering, and automated E-Prime tools.
Starting Page	87
Ending Page	95
Page Count	9
File Format	PDF
ISBN	9781595939234
DOI	10.1145/1278940.1278954
Language	English
Publisher	Association for Computing Machinery (ACM)
Publisher Date	2006-09-19
Publisher Place	New York
Access Restriction	Subscribed
Subject Keyword	E-prime Software life cycle sp800-12 Disaster planning Modeling Spam detection Life cycle Rbac User support and operations User centered security Information assurance Formal methods Security engineering Security life cycle Program management Informal security policy modeling Organizational security policy Security policy modeling Principle of linguistic relativity Enterprise security policy Sapir-whorf hypothesis Role-based access control User training Planning Clark-wilson General semantics Risk management User awareness Incident handling
Content Type	Text
Resource Type	Article

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in