Abstract
Digital systems are almost always vulnerable, yet we increasingly depend on these systems. There will be many threats towards these system. In a fully networked system, the vulnerabilities will literally be exposed to the whole world. The exposed vulnerabilities may be transformed into attacks. To counter this state of “vulnerability”, the standard remedy is to conduct security requirements analysis and security threat modeling. Threats are assessed, and various countermeasures are devised. The totality of these measures may be described as a security architecture. The goal of a security architecture will largely be to make the system robust and resilient in the face of an adversary. However, we shall argue that this is not enough. Security architecture designs should go one step further, and actually improve the defenses when faced with hostile actions. That is, the security architectures must become antifragile.
Highlights
The requirements for a security architecture is very much about the level of uncertainty one wants to endure and the risks one is willing to take.1.1 Why Philosophy?There certainly are many technical aspects of modern information and communications technology (ICT) systems and the associated security architectures
Chapter 7 is an argument for a threat modeling mindset
To be explicit about intended exposure does not guarantee that the attack surface is well-contained, but it will at least indicate that the problem has been considered
Summary
There certainly are many technical aspects of modern information and communications technology (ICT) systems and the associated security architectures. On a systems level, the end goal of a security architecture are normally not technical in nature. The goals tend to be more philosophical They may be framed in a context of moral and ethics, and sometimes in the framework of legislation and societal rules. Modern ICT infrastructures are becoming integrated into our lives in many ways, and our society is poised to become even more dependent on these ICT systems. This means that safe and secure operations of these critical infrastructures literally becomes a matter of life and death. This is why there is a need for a philosophical stance when it comes to security architectures
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have