Abstract

Digital systems are almost always vulnerable, yet we increasingly depend on them, and they face many threats. In a fully networked system, the vulnerabilities are exposed to the whole world, and exposed vulnerabilities may be turned into attacks. To counter this state of vulnerability, the standard remedy is to conduct security requirements analysis and security threat modeling: threats are assessed, and countermeasures are devised. The totality of these measures may be described as a security architecture. The goal of a security architecture is largely to make the system robust and resilient in the face of an adversary. However, we shall argue that this is not enough. Security architecture designs should go one step further and actually improve the defenses when faced with hostile actions. That is, security architectures must become antifragile.

Highlights

  • The requirements for a security architecture are very much about the level of uncertainty one wants to endure and the risks one is willing to take

  • Chapter 7 is an argument for a threat modeling mindset

  • To be explicit about intended exposure does not guarantee that the attack surface is well-contained, but it will at least indicate that the problem has been considered
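The highlight above argues for stating intended exposure explicitly so that the attack surface can at least be checked against the design. The following is an added example, not code from the paper or its author: a hypothetical exposure manifest (DECLARED_EXPOSURE) is compared against a constructed sample of listening sockets in the shape of `ss -Hlntu` output, reporting what is exposed but undeclared, what is declared but not listening, and what is bound to loopback only.

```python
"""Compare a declared exposure manifest against observed listening sockets.

Added example; the manifest and the socket listing below are constructed.
"""
from dataclasses import dataclass
from ipaddress import ip_address

# Constructed sample in the shape of `ss -Hlntu` output
# (Netid State Recv-Q Send-Q Local:Port Peer:Port).
SAMPLE_SS_OUTPUT = """\
tcp   LISTEN 0 128 0.0.0.0:22      0.0.0.0:*
tcp   LISTEN 0 511 0.0.0.0:443     0.0.0.0:*
tcp   LISTEN 0 128 127.0.0.1:5432  0.0.0.0:*
tcp   LISTEN 0 128 [::]:8080       [::]:*
udp   UNCONN 0 0   0.0.0.0:161     0.0.0.0:*
"""

# Hypothetical manifest: the services the design says this host exposes.
DECLARED_EXPOSURE = {("tcp", 22), ("tcp", 443), ("tcp", 9090)}


@dataclass(frozen=True)
class Listener:
    proto: str
    addr: str
    port: int

    def is_external(self) -> bool:
        """True if the socket is reachable from beyond the host
        (wildcard bind or any non-loopback address)."""
        if self.addr in ("*", "0.0.0.0", "::"):
            return True
        return not ip_address(self.addr).is_loopback


def parse_ss(output: str) -> list[Listener]:
    """Parse `ss -Hlntu`-style lines into Listener records."""
    listeners = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        proto, local = fields[0], fields[4]
        addr, _, port = local.rpartition(":")
        addr = addr.strip("[]")  # ss prints IPv6 addresses in brackets
        listeners.append(Listener(proto, addr, int(port)))
    return listeners


def check_exposure(declared: set[tuple[str, int]], output: str) -> dict:
    """Diff the declared manifest against externally reachable listeners."""
    listeners = parse_ss(output)
    observed = {(l.proto, l.port) for l in listeners if l.is_external()}
    return {
        # exposed to the network but never accounted for in the design
        "undeclared": sorted(observed - declared),
        # declared in the design but not actually listening
        "missing": sorted(declared - observed),
        # listening, but only reachable from the host itself
        "loopback_only": sorted(
            (l.proto, l.port) for l in listeners if not l.is_external()
        ),
    }


if __name__ == "__main__":
    for key, value in check_exposure(DECLARED_EXPOSURE, SAMPLE_SS_OUTPUT).items():
        print(f"{key}: {value}")
```

Undeclared entries are the interesting output: each one is either a gap in the manifest or an exposure nobody considered, which is exactly the distinction the highlight draws.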


Summary

Why Philosophy?

There certainly are many technical aspects to modern information and communications technology (ICT) systems and their associated security architectures. On a systems level, however, the end goals of a security architecture are normally not technical in nature. They tend to be more philosophical: they may be framed in a context of morals and ethics, and sometimes in the framework of legislation and societal rules. Modern ICT infrastructures are becoming integrated into our lives in many ways, and our society is poised to become even more dependent on them. This means that the safe and secure operation of these critical infrastructures becomes a matter of life and death. This is why a philosophical stance is needed when it comes to security architectures.

Security Versus Safety and Privacy
The Incerto
Key Concepts
Requirements Capture
Not Everything Will Be Standardized
Proactive Versus Reactive Measures
Threat Analysis Philosophy
Basic Steps
Center‐of‐Gravity
Threat Management
Related Work
Paper Layout
Attitudes of System Designs
Process Goals
Self‐Evident and Obvious Aspects
Explicitness
Plan for Success
Success Means Long‐Term
Long‐Term Means Change
The Red Queen’s Race
Long‐Term Means Dependencies
There Will Be Failures
Kill Your Darlings
Delusion and Self‐Delusion
The Weakest Link
The 5D Lifecycle Phases
Design Phase Freedom
Development Phase Freedom
Deployment Phase Freedom
Decommissioning Phase Freedom
Fallback and Backwards Compatibility Considered Harmful
Fallback
Backwards Compatibility
Containment
The Stoic Philosophical Attitude: “Keep Calm and Carry On”
Limits to Predictability
Non‐linearity
Large‐Scale Systems are Non‐linear
Normal Accidents
Estimating Risk
Antifragile
On Existential Risks and the Precautionary Principle
Sustainable Risks and Scalability
Threats
Vulnerabilities
Inconsistencies
Exposure and Attack Surfaces
Cyber Kill Chain Considerations
Defense Strategies
Redundancy by Design
Segmentation and Coupling
Defense‐in‐Depth
Strong Proactive Security Measures
Capable Reactive Security Measures
Threat Modeling
Summary
Living with Uncertainty
The Design Principles
Precautionary principle
Conclusions