On the functional relation between security and dependability impairments

Proceedings New Security Paradigm Workshop

Volumn , Issue , 1999, Pages 104-111

  Jonsson, Erland ^a   Strömberg, Lars ^a   Lindskog, Stefan ^a  

^a CHALMERS UNIVERSITY OF TECHNOLOGY   (Sweden)

Author keywords

Dependability; Impairment; Intrusion; Modelling; Security; Terminology; Threat; Vulnerability

Indexed keywords

COMPUTER HARDWARE; COMPUTER SYSTEMS; ERROR ANALYSIS; PROBABILITY; MODELS; SYSTEMS ENGINEERING; TERMINOLOGY;

DELIVERY-OF-SERVICE;

SECURITY SYSTEMS; MERCURY (METAL);

DEPENDABILITY; IMPAIRMENT; INTRUSION; SECURITY; THREAT; VULNERABILITY;

EID: 0033489651     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (30)

1. E. N. Adams. Optimizing preventive service of software products. IBM Journal of Research and Development, 28(1): 2-14, 1984.
2. P. Ammann, S. Jajodia. Computer Security, fault tolerance, and software assurance. IEEE Concurrency, Vol. 7, No. 1, January-March 1999.
3. R. Andersson. Why cryptosystems fail. Communications of the ACM, 37(11), 1994.
4. T. Anderson and P. A. Lee. Fault tolerance terminology proposals. In P. A. Lee and D. E. Morgan, editors, Proceedings of the 12th IEEE International Symposium on Fault Tolerant Computing, FTCS-12, pages 29-33, Santa Monica, CA, USA, June 1982.
5. A. Avizienis. Fault tolerance, the survival attribute of digital systems. In Proceedings of the IEEE, 66(10):1109-1125, October 1978
6. A. Avizienis. The four-universe information system model for the study of fault-tolerance. In P. A. Lee and D. E. Morgan, editors, Proceedings of the 12th IEEE International Symposium on Fault Tolerant Computing, FTCS-12, pages 29-33, Santa Monica, CA, USA, June 1982.
7. R. H. Baker. Computer Security Handbook, 2nd edition. TAB Professional and Reference Books, McGraw-Hill, 1991.
8. M. Bishop and D. Bailey. A Critical Analysis of Vulnerability Taxonomies. Technical Report CSE-96-11, Department of Computer Science, University of California at Davis, CA, USA, September 1996.
9. B. K. Daniels. Errors, faults and failures: A model. In T. Anderson, editor, Safe and Secure Computing Systems, Blackwell Scientific Publications 1989.
10. D. E. Denning. Secure Databases and Safety: Some unexpected conflicts. In T. Anderson, editor, Safe and Secure Computing Systems, Blackwell Scientific Publications, 1989.
11. H. Hedbom, S. Lindskog, E. Jonsson, "An Analysis of the Security of Windows NT", Tech. Rep. 99-16, Dept. of Computer Engineering, Chalmers University of Technology, Göteborg, Sweden, 1999.
12. Institute of Electrical and Electronic Engineers. A Glossary of Software Engineering Terminology, Chapter 5, IEEE 610.12-1990.
13. Information Technology Security Evaluation Criteria (IT-SEC): Provisional Harmonized Criteria, December 1993.
14. International Standards Organization. Data Processing: Open Systems Interconnection, Basic Reference Model, ISO/IS 7498, Geneva 1983.
15. International Standards Organization. Information processing systems: Open Systems Interconnection, Basic Reference Model, part 2: Security Architecture 7498/2.
16. E. Jonsson and T. Olovsson. On the Integration of Security and Dependability in Computer Systems. In IASTED International Conference on Reliability, Quality Control and Risk Assessment, Washington, USA, November 4-6, 1992.
17. E. Jonsson. A Unified Approach to Dependability Impairments in Computer Systems. In IASTED International Conference on Reliability, Quality Control and Risk Assessment, pages 173-178, Cambridge, MA, USA, October 18-20 1993.
18. E. Jonsson, M. Andersson, S. Asmussen, "A Practical Dependability Measure for Degradable Computer Systems with Non-exponential Degradation", In Proceedings of the IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes, SAFEPROCESS'94, Espoo, Finland, June 13-15, 1994, vol. 2, pp. 227-233.
19. E. Jonsson, T. Olovsson, "A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior", IEEE Transactions on Software Engineering, Vol. 23, No. 4, April 1997.
20. E. Jonsson. An Integrated Framework for Security and Dependability. In Proceedings of the New Security Paradigms Workshop 1998, Charlottesville, VA, USA, September 22-25, 1998.
21. I. V. Krsul. Software Vulnerability Analysis. PhD thesis, Purdue University, May 1998.
22. J. C. Laprie et al. Dependability: Basic Concepts and Terminology. Springer-Verlag, 1992.
23. U. Lindqvist, U. Gustafson, E. Jonsson, "Analysis of Selected Computer Security Intrusions: In Search of the Vulnerability", NORDSEC'96 - Nordic Workshop on Secure Computer Systems, Göteborg, Sweden, November 7-8, 1996.
24. C. Meadows, Applying the Dependability Paradigm to Computer Security. In Proceedings of the New Security Paradigms Workshop 1995, La Jolla, CA, August 22-25 1995.
25. C. Meadows, J. McLean, Security and Depandability: Then and Now. Presented at the Workshops on Computer Security, Fault Tolerance, and Software Assurance: From Needs to Solutions, Williamsburg, VA, November 11-13, 1998.
26. D. M. Nessett. Factors Affecting Distributed System Security. In Proceedings of the 1986 IEEE Symposium on Security and Privacy, pages 204-222, Oakland, CA, USA.
27. National Institute of Standards and Technology. Glossary of computer security terms, NSC-TG-004 version. 1, ("Aqua Book"), October 21, 1988.
28. S. M. Ornstein. Safety issues for computer controlled systems. In Proceedings of the 16th IEEE International Symposium on Fault-Tolerant Computing, FTCS-16, Vienna, Austriia, 1986.
29. C. P. Pfleeger. Security in Computing. Prentice-Hall 1997. ISBN 0-13-185794-0.
30. Department of Defence. Trusted Computer System Evaluation Criteria ("orange book"), CSC-STD-001-83.