Mapping mission-level availability requirements to system architectures and policy abstractions

The BBN Pledge project was a DARPA-sponsored research effort to provide a common architecture for policy in information systems. To support technology transfer activity within Pledge, BBN surveyed underdeveloped topics in the area of information security policy. Based on that survey, BBN selected the topic of availability requirements for further work. We discuss mission-level availability requirements and suggest techniques for mapping such requirements to unifying abstractions and system architectures. Rather than providing a finished product, this paper is intended to present initial ideas that can be the basis for further research.
