Security Through Obscurity

posted by Anna Mar, August 16, 2013

Security through obscurity is a term for a design that is secure only because its workings are kept secret.

It's any software, infrastructure, technique or algorithm that depends on a secret implementation for security.

Security through obscurity is generally considered a bad idea. Instead, a security design should be strong enough that you can show it to anyone and it will still be secure.

Definition: Security Through Obscurity

Security through obscurity is any code, infrastructure, technique or algorithm that wouldn't be secure if attackers could see its design.



So What?

A sophisticated security design can be shown to the world and remain secure.

Security through obscurity encourages weak designs. As a rule of thumb, if you design something you wouldn't want a hacker to see, there's probably something wrong with the design.


Security By Design

Security by design is any design that isn't weakened by being exposed to the world.

It's the opposite of security through obscurity.
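The contrast can be shown in code. The following is an added example, not part of the original article: a token scheme whose safety depends on nobody reading it, next to one whose algorithm can be published because only a key is secret. The function names, the `alice` username and the choice of HMAC-SHA256 with a server-side key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


# Design A (obscurity): safe only while nobody reads this function.
def obscure_token(username: str) -> str:
    # Constructed "secret algorithm": reverse the name and hex-encode it.
    return username[::-1].encode().hex()


def obscure_verify(username: str, token: str) -> bool:
    return hmac.compare_digest(obscure_token(username), token)


# Design B (open design): the algorithm is public, only the key is secret.
def keyed_token(key: bytes, username: str) -> str:
    return hmac.new(key, username.encode(), hashlib.sha256).hexdigest()


def keyed_verify(key: bytes, username: str, token: str) -> bool:
    return hmac.compare_digest(keyed_token(key, username), token)


def design_review() -> dict:
    """Model a reader who has the source of both designs but not the key."""
    server_key = secrets.token_bytes(32)  # held only by the server
    reader_key = secrets.token_bytes(32)  # the reader can only guess a key

    # Design A: the published algorithm alone yields a token that verifies.
    a_accepts = obscure_verify("alice", "6563696c61")  # hex of "ecila"

    # Design B: the published algorithm without the key yields a rejected token.
    b_accepts = keyed_verify(server_key, "alice", keyed_token(reader_key, "alice"))

    # Recovery: if B's key leaks, swap the key and old tokens stop verifying.
    # If A's algorithm leaks, the only fix is a redesign.
    old = keyed_token(server_key, "alice")
    new_key = secrets.token_bytes(32)
    return {
        "obscure_accepts_outsider_token": a_accepts,
        "keyed_accepts_outsider_token": b_accepts,
        "old_token_valid_after_rotation": keyed_verify(new_key, "alice", old),
    }


if __name__ == "__main__":
    print(design_review())
```

Design A fails the rule of thumb above as soon as its source is shown to anyone, while Design B can be published in full and recovers from a leak by replacing a key rather than the design.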


Open Security

To ensure security by design, it's common to publish the details of security designs, standards and algorithms.

This process of peer and public review hardens security.


Open Source vs. Proprietary Source

Open source software has to be secure by design because the world can see its code.

It's thought that proprietary software tends to be less secure because engineers are tempted to resort to security by obscurity.

