In IT security, security through obscurity is the deliberal concealing of one's own IT infrastructure in order to make it less susceptible to intruding attacks. Its most common premise is that making the system or component not visible through conventional lenses improves the odds of it not actually being harassed by threats posed by hackers. It's common for systems relying on security through obscurity to implement other security measures, with the cloaking from outside forces being effectively an extra leayer of security. The technique stands in contrast with security by design and open security, although many real-world projects include elements of all strategies.
Relying on security through obscurity alone without caring about real safety measures leads to a false sense of security, which is often more dangerous than not addressing security at all.
 |
Example of security through obscurity.
Retrieved on 13/5/2016 from: http://www.treachery.net/articles_papers/tutorials/why_security_through_obscurity_isnt/index-2.html
|
No comments:
Post a Comment