Abstract: Survivability for an application is the ability of its users to complete their mission in the presence of faults, with the implication that some of those faults are malicious. This naturally leads to the need for precise descriptions of the faults to be survived. A survivability-oriented model of fault events should describe the aspects pertinent to restoration and response, and it should classify fault events according to their impact on survivability, that is, on how the damaged system continues to support its mission. This report models a fault as a four-tuple describing the propagation of the fault, the faulty computation it induces, the means required to repair it, and its impact on the mission. We use the model to describe the effect of survivability on security and identify 10 general assertions that must hold for every security mechanism in a survivable environment.