(aka PageTitle, Page Name)
The idea is to protect the system and its users from harm, in gentle and unobtrusive ways. The opposite of HardSecurity. It follows NonViolence. Instead of using violence, it works architecturally in defense to convince people against attacking and to LimitDamage. It works socially in offense to convince people to be friendly and to get out of the way of people adding value. S oft security is difficult. It often requires you to grow as a person, sometimes painfully so. This by itself makes it valuable.
SoftSecurity is like water. It bends under attack, only to rush in from all directions to fill the gaps. It's strong over time yet adaptable to any shape. It seeks to influence and encourage, not control and enforce.
See also an [excerpt] by Sir Arthur Conan Doyle that Neal selected to show these ideas aren't new.
SoftSecurity is a collective solution, whereas HardSecurity is often an individual solution. It's important to remember that although the Patterns below are written as prescriptions for you to follow, they are meant as notices for everyone to follow. When SoftSecurity becomes unilaterally enforced, it fails. This is a chicken and egg statement. When SoftSecurity fails--when TheCollective fails to act--only a few heroes try to keep it working. When only one person defends TheCollective, the defense loses its effectiveness and believability. One, the target of the defense will not know the hero speaks for the RoyalWe, and thus attempt to undermine the hero's authority in acting. Two, it may be the case that the CommunityDoesNotAgree , and the hero is acting out VigilanteJustice; acting alone should be good pause to reconsider what you are doing. Finally, while you think you ModelDesiredBehaviour, you are not providing space for others to act themselves, and so the real message you are sending is that they should not act.
SoftSecurity follows from the principles of