Assessing the Assurance of Retro-Fit Security
"Commodity systems (UNIX, Linux, Windows) are all highly vulnerable
Have to retrofit them to enhance security
"But there are lots of retrofit solutions
Are any of them effective?
Which one is best?
For my situation?
"Instead of “How much security is enough for this purpose?”, we get “Among the systems I can actually deploy, which is most secure?”
Consumer says “We are only considering solutions on FooOS and BarOS”
Relative figure of merit helps customer make informed, realistic choice