Published In

Proceedings of the 23rd National Information Systems Security Conference

Document Type

Conference Proceeding

Publication Date



Adaptive computing systems, Computer networks -- Security measures, Computer security


It has long been known that security is easiest to achieve when it is designed in from the start. Unfortunately, it has also become evident that systems built with security as a priority are rarely selected for wide spread deployment, because most consumers choose features, convenience, and performance over security. Thus security officers are often denied the option of choosing a truly secure solution, and instead must choose among a variety of post hoc security adaptations. We classify security enhancing methods, and compare and contrast these methods in terms of their effectiveness vs. cost of deployment. Our analysis provides practitioners with a guide for when to develop and deploy various kinds of post hoc security adaptations.


Paper presented at the 23rd National Information Systems Security Conference, Baltimore, MD, October 16-19, 2000.

Persistent Identifier