Visible to the public SoK: Science, Security and the Elusive Goal of Security as a Scientific Pursuit

Submitted by grigby1 on Thu, 12/28/2017 - 1:36pm
TitleSoK: Science, Security and the Elusive Goal of Security as a Scientific Pursuit
Publication TypeConference Paper
Year of Publication2017
AuthorsHerley, C., Oorschot, P. C. v
Conference Name2017 IEEE Symposium on Security and Privacy (SP)
ISBN Number978-1-5090-5533-3
KeywordsCollaboration, composability, computer security, connections between research and observable world, Context, Geometry, historical science, History, history of science, Human Behavior, human factors, Mathematical model, Metrics, philosophy of science, Policy-Governed Secure Collaboration, pubcrawl, reliability, Resiliency, Scalability, science of security, security, security of data, security research, SoK
Abstract

The past ten years has seen increasing calls to make security research more "scientific". On the surface, most agree that this is desirable, given universal recognition of "science" as a positive force. However, we find that there is little clarity on what "scientific" means in the context of computer security research, or consensus on what a "Science of Security" should look like. We selectively review work in the history and philosophy of science and more recent work under the label "Science of Security". We explore what has been done under the theme of relating science and security, put this in context with historical science, and offer observations and insights we hope may motivate further exploration and guidance. Among our findings are that practices on which the rest of science has reached consensus appear little used or recognized in security, and a pattern of methodological errors continues unaddressed.
URLhttps://ieeexplore.ieee.org/document/7958573/
DOI10.1109/SP.2017.38
Citation Keyherley_sok:_2017
Groups: