The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.01 - January/February (2011 vol.9)
pp: 18-21
Cynthia Irvine , Naval Postgraduate School
J.R. Rao , IBM Thomas J. Watson Research Center
ABSTRACT
Construction of highly trustworthy systems is quite challengiwng and requires experienced leaders who can guide development teams through technical, political, and bureaucratic hurdles. Today's systems must be designed so that their security claims remain valid from inception through retirement. Hence, security engineering must start at the earliest stages of development, when wise choices can have a major impact on system trustworthiness and vulnerabilities are relatively inexpensive to fix. This guest editors' introduction notes the apparent scarcity of large projects incorporating rigorous security engineering and enumerates topics for further investigation, such as compositionality, formal modeling and verification, RAS and resiliency, economic factors, user acceptability and usability, and extensibility.
INDEX TERMS
Secure Engineering, Trustworthy, High Assurance, Common Criteria, Root of Trust, TPM, Compositionality, Engineering Secure Systems
CITATION
Cynthia Irvine, J.R. Rao, "Guest Editors' Introduction: Engineering Secure Systems", IEEE Security & Privacy, vol.9, no. 1, pp. 18-21, January/February 2011, doi:10.1109/MSP.2011.10
REFERENCES
1. S. Bellovin, "Stuxnet: The First Weaponized Software?", blog, 27 Sept. 2010; www.cs.columbia.edu/~smb/blog/2010-092010-09-27.html .
2. W.H. Ware, "Security Controls for Computer Systems: Report of Defense Science Board Task Force on Computer Security," tech. report R-609-1, RAND, 1970.
3. P.A. Karger and R.R. Schell, "Thirty Years Later: The Lessons from the Multics Security Evaluation," Proc. 18th Annual Computer Security Applications Conf., IEEE CS Press, 2002, pp. 119–126.
4. J.P. Anderson, "Computer Security Technology Planning Study," tech. report ESD-TR-73-51, Air Force Electronic Systems Division, Hanscom AFB, 1972.
5. G. Pottinger, Proof Requirements in the Orange Book: Origins, Implementation, and Implications, Mathematical Sciences Inst., Cornell Univ., 1994.
41 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool