21-02-2009, 10:34 PM
Society is growing increasingly dependent upon large-scale, highly
distributed systems that operate in unbounded network environments.
Unbounded networks, such as the Internet, have no central
administrative control and no unified security policy. Furthermore, the
number and nature of the nodes connected to such networks cannot be
fully known. Despite the best efforts of security practitioners, no
amount of system hardening can assure that a system that is connected
to an unbounded network will be invulnerable to attack. The discipline
of survivability can help ensure that such systems can deliver
essential services and maintain essential properties such as integrity,
confidentiality, and performance, despite the presence of intrusions.
Unlike the traditional security measures that require central control
or administration, survivability is intended to address unbounded
network environments. This report describes the survivability approach
to helping assure that a system that must operate in an unbounded
network is robust in the presence of attack and will survive attacks
that result in successful intrusions. Included are discussions of
survivability as an integrated engineering framework, the current state
of survivability practice, the specification of survivability
requirements, strategies for achieving survivability, and techniques
and processes for analyzing survivability.
distributed systems that operate in unbounded network environments.
Unbounded networks, such as the Internet, have no central
administrative control and no unified security policy. Furthermore, the
number and nature of the nodes connected to such networks cannot be
fully known. Despite the best efforts of security practitioners, no
amount of system hardening can assure that a system that is connected
to an unbounded network will be invulnerable to attack. The discipline
of survivability can help ensure that such systems can deliver
essential services and maintain essential properties such as integrity,
confidentiality, and performance, despite the presence of intrusions.
Unlike the traditional security measures that require central control
or administration, survivability is intended to address unbounded
network environments. This report describes the survivability approach
to helping assure that a system that must operate in an unbounded
network is robust in the presence of attack and will survive attacks
that result in successful intrusions. Included are discussions of
survivability as an integrated engineering framework, the current state
of survivability practice, the specification of survivability
requirements, strategies for achieving survivability, and techniques
and processes for analyzing survivability.