Security in a Dependability Perspective

• Historically security has developed as a discipline, separate from the original dependability framework, which included reliability, availability and safety attributes. Therefore, the integration of security in this framework has not yet been fully accomplished. This paper presents a novel approach to security, intended to facilitate and improve this integration. This is achieved by taking a dependability viewpoint on traditional security and interpreting it in behavioural and preventive terms. A modified security concept, comprising only preventive characteristics is defined where confidentiality is suggested to be a behavioural dependability attribute. The outcome of this interpretation influences the integration of the other three dependability attributes. The overall objective of this approach is to arrive at a more general and clear-cut dependability framework that would describe how (un)dependable a system is, irrespective of the reason for the (un)dependability. For example, it should be possible to treat a system failure due to an intentional intrusion of due to a hardware fault using the same methods and in parallel. Finally, the problem of interpreting concepts and terminology for security impairments in dependability terms is addressed, based on a few examples from real security breaches. It is realized that this is an area where future work is necessary.

Subject headings

NATURVETENSKAP  -- Data- och informationsvetenskap -- Systemvetenskap, informationssystem och informatik (hsv//swe)

NATURAL SCIENCES  -- Computer and Information Sciences -- Information Systems (hsv//eng)

Keyword

modelling

terminology

Security

vulnerability

dependability

Publication and Content Type

kon (subject category)

ref (subject category)