A Philosophy of Security Architecture Design

Digital systems are almost always vulnerable, yet we increasingly depend on these systems. There will be many threats towards these systems. In a fully networked system, the vulnerabilities will literally be exposed to the whole world. The exposed vulnerabilities may be transformed into attacks. To counter this state of “vulnerability”, the standard remedy is to conduct security requirements analysis and security threat modeling. Threats are assessed, and various countermeasures are devised. The totality of these measures may be described as a security architecture. The goal of a security architecture will largely be to make the system robust and resilient in the face of an adversary. However, we shall argue that this is not enough. Security architecture designs should go one step further, and actually improve the defenses when faced with hostile actions. That is, the security architectures must become antifragile.
