Forwarded from: dont <dontat_private> > "In three to four years, we will have a billion IP addresses," he > said. "Do we still want to use TCI/IP? Do we still want the same > domain naming system? Do we still want the same wireless security > we're using today?" Well, back when this was first done, it was actually pretty well-funded. Research funding nowadays seems primarily tied to products, not growth of the field. In terms of actual knowledge of computer security issues, we have grown little. Not only do we fail repeatedly to put into practice "lessons learned", but we still do not have a good grasp of what the true defining questions are for us to research. No one can concur on the problem space definition, and, worse still, the problem space changes rapidly over time. Give academia money for basic research, and not tied to development, and maybe we will get surprised. > "Schools are pumping out too many students who approach security > mechanically from an engineering perspective," said Nimal Jayaratna, really? where? pumping out "too many"? I would love to see data on this... however, asking people to validate their claims is something we don't do anymore. > Some educators, such as Alexander Korzyk, assistant professor at the > college of business and economics at the University of Idaho in > Moscow, Idaho, questioned whether information security should remain > in the computer science discipline at all, or be moved to areas of > study more reflective of business risk issues. I can go along with the cross-disciplined idea, but I am fairly uncomfortable (ok, maybe incredibly scared) with MIS people taking over the research in this field. Yes, businesses should be aware of it, but honestly, I would rather try to teach comp sci folks about business analysis than the opposite. dont ========================================================================== If you must choose between 2 evils, pick the one you've never tried before ========================================================================== - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Jun 06 2002 - 23:03:12 PDT