This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
A Failure-Based Discipline of Trustworthy Information Systems
July-Aug. 2011 (vol. 9 no. 4)
pp. 71-75
Michael E. Locasto, University of Calgary
Matthew C. Little, Virginia Tech Foundation
The complexity of most systems, including those involving a digital information system, has surpassed the point at which we can consider failures as abnormal events. We must plan for failure and design strong response and recovery mechanisms.

1. W. Langewiesche, "The Lessons of ValuJet 592," The Atlantic, Mar. 1998, www.theatlantic.com/magazine/archive/1998/ 03/the-lessons-of-valujet-5926534.
2. "NTSB Cites Maintenance Company, Airline and FAA in Probable Cause of May 1996 ValuJet Crash that Killed All 110 Aboard," Nat'l Transportation Safety Board, Aug. 1997; www.ntsb.gov/pressrel/1997970819b.htm.
3. "Columbia Accident Investigation Board Report," vol. 1, Aug. 2003; http://caib.nasa.gov/news/report/pdf/vol1/ fullcaib_report_volume1.pdf.
4. J. Weiss, Protecting Industrial Control Systems from Electronic Threats, Momentum Press, 2010.
5. B. Snow, "We Need Assurance!" Proc. 21st Ann. Computer Society Applications Conf. (ACSAC 05), IEEE CS Press, 2005, pp. 3–10.
6. M.A. Harrison, W.L. Ruzzo, and J.D. Ullman, "Protection in Operating Systems," Comm. ACM, vol. 19, no. 8, 1976, pp. 461–471.
7. S. Gaudin, "Amazon Cloud Glitch Knocks out Popular Websites," Computerworld,21 Apr. 2011; www.computerworld.com/s/article/9216036Amazon_cloud_glitch_knocks_out_popular_websites .
8. Ponemon Inst., "2010 Annual Study: US Cost of a Data Breach," Symantec Corp.; www.symantec.com/about/news/resources/press_kits detail.jsp?pkid=ponemon.
9. "Credit Safety," Ohio State Univ.; www.osu.educreditsafety.
10. N. Bilton and B. Stelter, "Sony Says PlayStation Hacker Got Personal Data," The New York Times,26 Apr. 2001; www.nytimes.com/2011/04/27/technology27playstation.html .
11. A. Odlyzko, "Providing Security with Insecure Systems," Proc. 3rd ACM Workshop Wireless Network Security (WiSec 10), ACM Press, 2010, pp. 87–88.

Index Terms:
complex systems, cloud security, normal failure
Citation:
Michael E. Locasto, Matthew C. Little, "A Failure-Based Discipline of Trustworthy Information Systems," IEEE Security & Privacy, vol. 9, no. 4, pp. 71-75, July-Aug. 2011, doi:10.1109/MSP.2011.77
Usage of this product signifies your acceptance of the Terms of Use.