designing secure systems, a critical component is understanding failure
code paths. This is something woefully neglected in software systems of
today, which is really to bad.
Today I read an interesting interview
with Bruce Lindsay (an IBM fellow who is one of the guys behind the
original RDBMS concept) about designing for failure. Although its
riddled with thoughts on databases, the principles about designing for
failure are just as applicable in secure systems.
Have a read. A very interesting article.
[Dana Epp's ramblings at the Sanctuary]