Understanding Secretless Security
In everyday life, basic security often relies on some form of secrecy. If you have $1,000 in cash under your bed, you are reasonably safe as long as no one knows it is there. Likewise, if you have all your money in a safe and the combination is 35-21-02-31, you can be pretty sure that it will still be there when you wake up tomorrow morning as long as the number remains secret. These security solutions are all based on secrecy, a concept that makes up the most basic form of security possible. If no one knows about it, or no one knows how to gain access to it, then it is reasonably secure. The only problem is that secrets are difficult to keep.
Relying on secrets for security has several weaknesses. For example, ...
Get Inside the Security Mind: Making the Tough Decisions now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
