Year
2021
File Attachment
a258.pdf290.73 KB
Abstract
The implementation of processes to protect us and our resources from those with malicious intent has been witnessed within every known civilization. This long history of developing protective solutions that meet the operational, environmental, technological, and intellectual constraints of a given time period provides useful lessons learned and insights. Additionally, significant efforts in the U.S. has been put forth in recent decades to leverage this observations and insights to protect critical pieces of infrastructure. Yet, these lessons and insights still tend to be applied in an ad hoc fashion. In response, an effort was undertaken to aggregate and collate these lessons and insights into a coherent set of logical, philosophical “first principles of security.” Building on a legacy of generating and applying creative security solutions to a broad range of critical infrastructure and high value assets, this initiative combined the thoughts and experiences of several long-time security experts and technical ethos of national laboratory scientists and engineers to craft a set of defined, conceptually clear, and fundamentally sound principles. For example, does successful protection only occur when there is the ability to detect an incursion by those with malicious intent; and respond appropriately to halt or dissuade said incursion? This definition will be considered and refined leveraging the proposed first principles of security. This paper will explore these proposed first principles, demonstrating that they are the fundamental concepts of security; specifically, this paper will consider these principles from a historic perspective, an emerging perspective, and a social perspective. The first principles, as presented in this paper, will be also be considered from an ontological view, that is, this paper will consider and review the concepts and terms used by active security implementers, security subject experts, and the literature.