Redundancy and Diversity in Security

14 years 4 months ago

Download www.csr.city.ac.uk

Redundancy and diversity are commonly applied principles for fault tolerance against accidental faults. Their use in security, which is attracting increasing interest, is less general and less of an accepted principle. In particular, redundancy without diversity is often argued to be useless against systematic attack, and diversity to be of dubious value. This paper discusses their roles and limits, and to what extent lessons from research on their use for reliability can be applied to security, in areas such as intrusion detection. We take a probabilistic approach to the problem, and argue its validity for security. We then discuss the various roles of redundancy and diversity for security, and show that some basic insights from probabilistic modelling in reliability and safety indeed apply to examples of design for security. We discuss the factors aﬀecting the eﬃcacy of redundancy and diversity, the role of “independence” between layers of defense, and some of the trade-oﬀs...

Bev Littlewood, Lorenzo Strigini

Real-time Traffic

Accidental Faults | ESORICS 2004 | Fault Tolerance | Security Privacy | Trade-oﬀs Facing Designers |

claim paper

Post Info
More Details (n/a)

Added	01 Jul 2010
Updated	01 Jul 2010
Type	Conference
Year	2004
Where	ESORICS
Authors	Bev Littlewood, Lorenzo Strigini

Comments (0)

Sciweavers

Redundancy and Diversity in Security

Accidental Faults | ESORICS 2004 | Fault Tolerance | Security Privacy | Trade-oﬀs Facing Designers |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers