Abstract
Redundancy and diversity are commonly applied principles for fault tolerance against accidental faults. Their use in security, which is attracting increasing interest, is less general and less of an accepted principle. In particular, redundancy without diversity is often argued to be useless against systematic attack, and diversity to be of dubious value. This paper discusses their roles and limits, and to what extent lessons from research on their use for reliability can be applied to security, in areas such as intrusion detection. We take a probabilistic approach to the problem, and argue its validity for security. We then discuss the various roles of redundancy and diversity for security, and show that some basic insights from probabilistic modelling in reliability and safety indeed apply to examples of design for security. We discuss the factors affecting the efficacy of redundancy and diversity, the role of "independence" between layers of defense, and some of the tra! de-offs facing designers. © Springer-Verlag Berlin Heidelberg 2004.
Cite
CITATION STYLE
Littlewood, B., & Strigini, L. (2004). Redundancy and diversity in security. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3193, 423–438. https://doi.org/10.1007/978-3-540-30108-0_26
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
