Putting Trust in Security Engineering
نویسنده
چکیده
When we must depend on a system, not only should we want it to resist attacks but we should have reason to believe that it will resist attacks. So security is a blend of two ingredients: mechanism and assurance. In developing a secure system, it is tempting to focus first on mechanism—the familiar “build then test” paradigm from software development. This note discusses some benefits of resisting that temptation. We advocate that designers focus first on aspects of assurance, because they can then explore—in a principled way—connections between a system design and its resistance to attack. Formalizing such connections as mathematical laws, could enable an engineering discipline for secure systems.
منابع مشابه
IMNTV-Identifying Malicious Nodes using Trust Value in Wireless Sensor Networks
Security is the major area of concern in communication channel. Security is very crucial in wireless sensor networks which are deployed in remote environments. Adversary can disrupt the communication within multi hop sensor networks by launching the attack. The common attacks which disrupt the communication of nodes are packet dropping, packet modification, packet fake routing, badmouthing atta...
متن کاملA Trust Based Probabilistic Method for Efficient Correctness Verification in Database Outsourcing
Correctness verification of query results is a significant challenge in database outsourcing. Most of the proposed approaches impose high overhead, which makes them impractical in real scenarios. Probabilistic approaches are proposed in order to reduce the computation overhead pertaining to the verification process. In this paper, we use the notion of trust as the basis of our probabilistic app...
متن کاملRequirements Engineering Meets Trust Management: Model, Methodology, and Reasoning
The last years have seen a number of proposals to incorporate Security Engineering into mainstream Software Requirements Engineering. However, capturing trust and security requirements at an organizational level (as opposed to a design level) is still an open problem. This paper presents a formal framework for modeling and analyzing security and trust requirements. It extends the Tropos methodo...
متن کاملA Study on the Relationship between Social Trust and Social Security in Kashan
This paper tries to study the relationship between social trust and social security (Personal, economic, political and societal) among citizens in Kashan. In 2012 through questionnaire move than 362 people at the age of 18 and higher were chosen to answer these questions. The results show that social trust affects on social security it means if we have name trust among people, we will observe...
متن کاملA New Framework for Secure Routing in VANET
Vehicular Ad-Hoc Networks can enhance road safety and enable drivers to avoid different threats. Safety applications, mobile commerce, and other information services are among different available services that are affected by dynamic topology, vehicle’s speed and node misbehaving. Dynamic topology makes the route unstable and unreliable. So, improving the throughput and performance of VANET thr...
متن کامل