The Community for Technology Leaders
RSS Icon
Issue No.06 - November/December (2011 vol.9)
pp: 43-48
Simson L. Garfinkel , Naval Postgraduate School
George Dinolt , Naval Postgraduate School
Modern systems aren't designed to support some ongoing operations after their security has been compromised. Using Sterbenz's ResiliNets (resilient networks) model for describing the tasks of managing a system that might be attacked, the authors discuss five strategies for operating in a degraded security environment: ignorance is bliss (no recovery); response and recovery (no remediation, diagnosis, or refinement); isolate and treat (remediation, followed by recovery); in situ analysis (covert monitoring); and battleshort: hunker down and live with it.
Insecurity, degraded security, ResiliNets, battleshort, DoD Instruction 8500.2
Simson L. Garfinkel, George Dinolt, "Operations with Degraded Security", IEEE Security & Privacy, vol.9, no. 6, pp. 43-48, November/December 2011, doi:10.1109/MSP.2011.149
1. E.F. Moore and C.E. Shannon, "Reliable Circuits Using Less Reliable Relays," J. Franklin Inst., vol. 262, no. 3, 1956, pp. 191–208.
2. J.P.G. Sterbenz et al., "Resilience and Survivability in Communication Networks: Strategies, Principles, and Survey of Disciplines," Computer Networks, vol. 54, no. 8, 2010, pp. 1245–1265.
3. J.F. Meyer, "On Evaluating the Performability of Degradable Computing Systems," IEEE Trans. Computers, vol. 29, no. 8, pp. 720–731.
4. Microsoft TechNet, "Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard,"22 Mar. 2001; MS01-017.mspx.
5. "My Computer Has Been Compromised, What Do I Do?" ClamWin Free Antivirus, 2001;
6. I. Kristic and S. Garfinkel, "The One Laptop per Child Security Model," Symp. Usable Security and Privacy, ACM Press, 2007; .
16 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool