Security in a Dependability Perspective
Paper in proceedings, 1994

Historically security has developed as a discipline, separate from the original dependability framework, which included reliability, availability and safety attributes. Therefore, the integration of security in this framework has not yet been fully accomplished. This paper presents a novel approach to security, intended to facilitate and improve this integration. This is achieved by taking a dependability viewpoint on traditional security and interpreting it in behavioural and preventive terms. A modified security concept, comprising only preventive characteristics is defined where confidentiality is suggested to be a behavioural dependability attribute. The outcome of this interpretation influences the integration of the other three dependability attributes. The overall objective of this approach is to arrive at a more general and clear-cut dependability framework that would describe how (un)dependable a system is, irrespective of the reason for the (un)dependability. For example, it should be possible to treat a system failure due to an intentional intrusion of due to a hardware fault using the same methods and in parallel. Finally, the problem of interpreting concepts and terminology for security impairments in dependability terms is addressed, based on a few examples from real security breaches. It is realized that this is an area where future work is necessary.

modelling

terminology

Security

vulnerability

dependability

Author

Erland Jonsson

Department of Computer Engineering

Tomas Olovsson

Department of Computer Engineering

Nordic Seminar on Dependable Computing Systems 1994 (NSDCS '94), Lyngby, Denmark

175-186

Areas of Advance

Information and Communication Technology

Subject Categories

Information Science

More information

Created

10/8/2017