from "Security Engineering" by Ross Anderson
- Policy: know what you're supposed to achieve
- Mechanism: access controls, hardware tamper resistance, other machinery you use to implement the policy
- Assurance: amount of reliance you can place on each particular mechanism, and how well they work together
- Incentive: the motive that the people defending your system have to do their job properly, and the motive attackers have to defeat your policy
- This was a failure of policy
- Knives up to 3 inches long were permitted!
- Screeners were effective at keeping out guns and explosives, so the mechanism was OK
- Subject = a physical person
- Principal = an entity that participates in a security system