
Commit

Conclusion left to be written
paw10003 committed Jul 29, 2015
1 parent bc8919b commit 011b2cb
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions PBDSecPaper.tex
Expand Up @@ -182,13 +182,11 @@ The last, and by no means least, important topic that must be tackled in this se
While this paper proposes one model for security design and development this, by no means, is the only model for implementing security in a system. ``Defense in depth''~\cite{DoD2002} is a model in which security is derived from the application of multiple mechanisms; to create a series of barriers against attack by an adversary. Unfortunately, for the model, without any sound security architecutre and supporting theory, the non-constructive basis of this approach equivicates this model to a temporary patch; putting barriers in places does not equate to levels of trustworthiness. The ``Balanced assurance''~\cite{Lunt1988} model centers around a hierarchy of security policies, where different policies are allocated to different components of a system. The concept is that the trustworthiness of a given component must be consistent with the importance of that component's policy; the greater the trustworthiness the greater the importance of that component. The fault here is that a system can only be considered as secure as it's least secure component. While an interesting model and shows promise with respect to specific scenarios, this is not an overarching model that will function in all cases. There are multiple models for performing/implementing security, but a significant part of the cost of building a secure system is that of evaluating, and subsequently proving, trustworthiness through a third party's efforts. A method for minimizing the costs of performing this evaluation is to make use of components that have already had their trustworthiness evaluated and verified, thereby minimizing the need to evaluate the system itself; as it is made of already trustworthy components. This model would allow for ``evaluation by pieces'' whereby one acknowledges previously evaluated components and does not require their examiniation in the greater evaluation of the composite system. 
Unfortunately, this model has only been made available to ``low assurance'' systems as it lacks a well-formed theory of correctness~\cite{Benzel2005}.

Security design, development, verification, and evaluation is still a relatively new and unexplored space. Because of this there is a constant growth and evolution of security protocols and standards, which requires a thorough exploration of the security design space. It is the belief of this paper that the best model for focusing effort and development towards is a platform-based design for security development. The levels of abstraction aid in virtualization design, the overarching concept of mapping platforms to instances (and vica-versa) aids in early developemtn stages, and the need for rigorous documentation and meticulous following of standards are concepts that not only stem from platform-based design but greatly lend to the needs of security design and development.
\begin{itemize}
\item \textbf{DRAW CONNECTIONS TO SECURITY DEVELOPMENT AND PBD TO SHOW HOW THESE TWO CAN BE MAPPED TOGETHER. BE SURE TO STATE THE OBVIOUS!!! MAKE THE POINT OF THIS PAPER!}
\end{itemize}

\section{Conclusion}
\label{Conclusion}
\begin{itemize}
\item \textbf{DRAW CONNECTIONS TO SECURITY DEVELOPMENT AND PBD TO SHOW HOW THESE TWO CAN BE MAPPED TOGETHER. BE SURE TO STATE THE OBVIOUS!!! MAKE THE POINT OF THIS PAPER!}
\item Need for development of platform-based design for security elements of all types
\begin{itemize}
\item Need for standardization, or `contracts', for all elements that compose a larger distributed systems. Reason being: without these `contracts' to clearly state the expectations of various inputs, and outputs, then there is no guarentee that any designs/developments will be able to harmonize with the rest of a complex system. Additionally this is important for determining the trustworthiness of not only different elements, but of the entire distributed system as a whole.
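Review bot: the bold placeholder item closing the related-work paragraph (`\item \textbf{DRAW CONNECTIONS TO SECURITY DEVELOPMENT AND PBD ...}`) is repeated verbatim as the first item under `\section{Conclusion}`; since the commit message says the conclusion is still to be written, keep the placeholder in one place only so the two copies cannot drift apart once the text is drafted. The same pass should fix the spelling errors in the surrounding prose: `architecutre`, `equivicates`, `examiniation`, `vica-versa`, `developemtn`, `guarentee`, and `it's least secure component` (should be `its`); `a larger distributed systems` should also be singular. Finally, the balanced-assurance sentence "the greater the trustworthiness the greater the importance of that component" inverts the dependency stated in the sentence before it: the importance of a component's policy determines the trustworthiness required of that component, not the reverse, so the clause should read along the lines of "the greater the importance of the policy, the greater the trustworthiness required of the component".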
