Corpus ID: 1505380

Security engineering - a guide to building dependable distributed systems (2. ed.)

@inproceedings{Anderson2001SecurityE,
  title={Security engineering - a guide to building dependable distributed systems (2. ed.)},
  author={Ross J. Anderson},
  year={2001}
}
Gigantically comprehensive and carefully researched, Security Engineering makes it clear just how difficult it is to protect information systems from corruption, eavesdropping, unauthorized use, and general malice. Better, Ross Anderson offers a lot of thoughts on how information can be made more secure (though probably not absolutely secure, at least not forever) with the help of both technologies and management strategies. His work makes fascinating reading and will no doubt inspire…
A case for validating remote application integrity for data processing systems
TLDR
The architecture of AMI systems and how data moves from one end to the other is analyzed and the need for more research in safe program validation that protects against information leaks is discussed.
Free to Flow: A Paradigm Shift for Multi-Level Security Data Exchange
Abstract: As information systems evolved within the Department of Defense (DoD), safeguards were developed to protect the information being stored and processed. The levels of protection put in…
Enhancing security in distributed systems with trusted computing hardware
The need to increase the hostile attack resilience of distributed and internet-worked computer systems is critical and pressing. This thesis contributes to concrete improvements in distributed…
Attack-defense trees
TLDR
A new graphical security model called attack–defense trees is developed, which generalizes the well-known attack trees model and demonstrates the usefulness of the formal foundations of attack–defense trees by relating attack–defense terms to other scientific research disciplines.
Verification of security protocols based on multicast communication
TLDR
A new set of theories capable of representing the entire set of known message casting frameworks is developed, which enable the Inductive Method to reason about a whole new set of protocols.
Security Engineering towards Building a Secure Software
TLDR
This work presented the principles of security, a number of security mechanisms and the risk analysis used to identify risk, and investigated a number of methods and languages for modeling security into software systems.
Engineering Security into Distributed Systems: A Survey of Methodologies
TLDR
This paper attempts to fill the gap in the survey literature relating to systematic approaches (methodologies) for engineering secure distributed systems by surveying and critically analyzing the state-of-the-art in security methodologies based on some form of abstract modeling for, or applicable to, distributed systems.
An intrusion-tolerant firewall design for protecting SIEM systems
TLDR
This paper will focus on the defense of the core facility components by presenting a new firewall design that is resilient to very harsh failure scenarios and tolerates not only external attacks but also the intrusion of some of its components.
SieveQ: A Layered BFT Protection System for Critical Services
TLDR
SieveQ, a message queue service that protects and regulates the access to critical systems, in a way similar to an application-level firewall, achieves fault and intrusion tolerance by employing an architecture based on two filtering layers, enabling efficient removal of invalid messages at early stages and decreasing the costs associated with Byzantine Fault-Tolerant replication of previous solutions.
AEGIS: architecture for tamper-evident and tamper-resistant processing
TLDR
The architecture for a single-chip AEGIS processor which can be used to build computing systems secure against both physical and software attacks is described and preliminary simulation results indicate that the overhead of security mechanisms in AEGIS is reasonable.

References

SHOWING 1-10 OF 601 REFERENCES
Proactive public key and signature systems
Emerging applications like electronic commerce and secure communications over open networks have made clear the fundamental role of public key cryptography as a unique enabler for world-wide scale…
Denial of service: an example
TLDR
The objective of the present article is to consider a particular instance of a denial of service problem and to look at engineering considerations relevant to an appropriate defense.
Network security - private communication in a public world
TLDR
Network Security, Second Edition brings together clear, insightful, and clever explanations of every key facet of information security, from the basics to advanced cryptography and authentication, secure Web and email services, and emerging security standards.
BLACKER: security for the DDN examples of A1 security engineering trades
  • C. Weissman
  • Computer Science
  • Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1992
TLDR
There are four devices which together provide a secure system applique to DDN designed to achieve A1 security certification, and the issues reported fall into two groups: A1 security techniques and A1 program management.
An architecture for multilevel secure interoperability
TLDR
This work introduces a practical, cost-effective, and high-assurance secure solution for multilevel distributed and heterogeneous environments using COTS components and introduces the concept of MLS cooperative computing, which is a way to semi-automate distributed computing among organizations at different security levels.
The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments
TLDR
This paper identifies several secure operating system features which are lacking in mainstream operating systems, argues that these features are necessary to adequately protect general application-space security mechanisms, and provides examples of how current security solutions are critically dependent on these features.
The interaction between fault tolerance and security
TLDR
The main conclusions drawn are that fault tolerance has a wider application within security than current practices, and clients can exert control over the protocols and mechanisms to achieve resilience against differing classes of attack.
How to insure that data acquired to verify treaty compliance are trustworthy
TLDR
A solution to the problem of how to make it possible for two mutually distrusting parties to both trust a data acquisition system that informs the monitor and perhaps third parties, whether the host has or has not violated the terms of a treaty is presented.
Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0
TLDR
It is concluded that PGP 5.0 is not usable enough to provide effective security for most computer users, despite its attractive graphical user interface, supporting the hypothesis that user interface design for effective security remains an open problem.
The specification and modeling of computer security
TLDR
It is shown how the Bell and LaPadula model's limitations can be remedied by a framework of models, making it more useful to those interested in industrial security.