| The theory of diversity and redundancy in information system security : LDRD final report. | |
| Mayo, Jackson R. (Sandia National Laboratories, Livermore, CA) ; Torgerson, Mark Dolan ; Walker, Andrea Mae ; Armstrong, Robert C. (Sandia National Laboratories, Livermore, CA) ; Allan, Benjamin A. (Sandia National Laboratories, Livermore, CA) ; Pierson, Lyndon George | |
| Sandia National Laboratories | |
| 关键词: Redundancy; Information Systems; 99 General And Miscellaneous//Mathematics, Computing, And Information Science; Computer Security.; Computer Networks-Security Measures.; | |
| DOI : 10.2172/992781 RP-ID : SAND2010-7055 RP-ID : AC04-94AL85000 RP-ID : 992781 |
|
| 美国|英语 | |
| 来源: UNT Digital Library | |
 PDF
|
|
【 摘 要 】
The goal of this research was to explore first principles associated with mixing of diverse implementations in a redundant fashion to increase the security and/or reliability of information systems. Inspired by basic results in computer science on the undecidable behavior of programs and by previous work on fault tolerance in hardware and software, we have investigated the problem and solution space for addressing potentially unknown and unknowable vulnerabilities via ensembles of implementations. We have obtained theoretical results on the degree of security and reliability benefits from particular diverse system designs, and mapped promising approaches for generating and measuring diversity. We have also empirically studied some vulnerabilities in common implementations of the Linux operating system and demonstrated the potential for diversity to mitigate these vulnerabilities. Our results provide foundational insights for further research on diversity and redundancy approaches for information systems.
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| 992781.pdf | 382KB |  download |
878987797
028-85220240
