Tag Archives: whitelisting

Immune system whitelisting

I read an interesting article called The non-denial of the non-self on the web today. An interesting article
about how to secure databases. However, I found it also interesting to read about how the human immune system relates to attackers:

“The immune system is interesting, because it protects its owner from pathogens without needing to know what a pathogen will look like. Instead, it relies on a negative database to tell it what to destroy. It learns early on which biological molecules are ‘self’, in the sense that they are routine parts of the body it is protecting. Whenever it meets one that is ‘not self’ and thus likely to be part of a pathogen, it destroys it.”

In security terms, this is actually called whitelisting.  It is typically used for input validation. Instead of trying to list all  illegal inputs (which is called blacklisting), list all legal inputs. The problems  with the former is that you have to make sure you think about all illegal instances, which is often very difficult, using the latter you only have to focus on the legal cases. Seemingly, this is how nature works…