Security in a Dependability Perspective
Paper i proceeding, 1994

Historically security has developed as a discipline, separate from the original dependability framework, which included reliability, availability and safety attributes. Therefore, the integration of security in this framework has not yet been fully accomplished. This paper presents a novel approach to security, intended to facilitate and improve this integration. This is achieved by taking a dependability viewpoint on traditional security and interpreting it in behavioural and preventive terms. A modified security concept, comprising only preventive characteristics is defined where confidentiality is suggested to be a behavioural dependability attribute. The outcome of this interpretation influences the integration of the other three dependability attributes. The overall objective of this approach is to arrive at a more general and clear-cut dependability framework that would describe how (un)dependable a system is, irrespective of the reason for the (un)dependability. For example, it should be possible to treat a system failure due to an intentional intrusion of due to a hardware fault using the same methods and in parallel. Finally, the problem of interpreting concepts and terminology for security impairments in dependability terms is addressed, based on a few examples from real security breaches. It is realized that this is an area where future work is necessary.

modelling

terminology

Security

vulnerability

dependability

Författare

Erland Jonsson

Institutionen för datorteknik

Tomas Olovsson

Institutionen för datorteknik

Nordic Seminar on Dependable Computing Systems 1994 (NSDCS '94), Lyngby, Denmark

175-186

Styrkeområden

Informations- och kommunikationsteknik

Ämneskategorier

Systemvetenskap