Sciweavers

ESORICS
2004
Springer

Redundancy and Diversity in Security

14 years 5 months ago
Redundancy and Diversity in Security
Redundancy and diversity are commonly applied principles for fault tolerance against accidental faults. Their use in security, which is attracting increasing interest, is less general and less of an accepted principle. In particular, redundancy without diversity is often argued to be useless against systematic attack, and diversity to be of dubious value. This paper discusses their roles and limits, and to what extent lessons from research on their use for reliability can be applied to security, in areas such as intrusion detection. We take a probabilistic approach to the problem, and argue its validity for security. We then discuss the various roles of redundancy and diversity for security, and show that some basic insights from probabilistic modelling in reliability and safety indeed apply to examples of design for security. We discuss the factors affecting the efficacy of redundancy and diversity, the role of “independence” between layers of defense, and some of the trade-offs...
Bev Littlewood, Lorenzo Strigini
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Where ESORICS
Authors Bev Littlewood, Lorenzo Strigini
Comments (0)