[funsec] Origin of: Soft & Gooey, Hard & Crunchy
Predrag Ivanovic
predivan at nadlanu.com
Tue May 13 06:55:27 CDT 2008
On Tue, 13 May 2008 05:22:19 +0000 (GMT)
Paul Ferguson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Silly question, but I cannot for the life of me recall who
> coined the analogy(and actually, I can't recall the exact phrase)
> of network security being a matter of "soft and gooey inside, and
> hard and crunchy outside".
>
> Does anyone have a reference to the original coinage of this
> analogy?
>
> Thanks,
>
> - - ferg
[...]"Unfortunately, many of today's e-businesses implement the direct opposite of a citadel," Arnold writes.
"This can be viewed as an 'eggshell' security model: hard outer shell, soft in the center."
Also sometimes referred to as 'M&M security model'.
Interview with Tom Arnold:
http://itmanagement.earthweb.com/secu/article.php/791191
Whitepaper "An Electronic Citadel: A Method for Securing Credit Card and Private Consumer Data in e-Business Sites":
http://www.siia.net/software/pubs/aec-01.pdf
This is earliest mention of that phrase i could find.
HTH
Pedja
--
I am logged in, therefore I am.
More information about the funsec
mailing list