Translator Disclaimer
30 April 2007 Security assurances for intelligent complex systems
Author Affiliations +
Intelligent complex systems are drawing considerable attention of researchers in various scientific areas. These architectures require adequate assurances of security, reliability, and fault-tolerance. The implementation of security functions such as identification, authentication, access control, and data protection can be viewed in terms of a security assurance model. This model relies on the security architecture of a system, which in turn is based on a trusted infrastructure. This assurance model defines the level and features of the protection it offers, and determines the need and relevance of the deployment of specific security mechanisms. In this article, we first examine how the verification of the security measures, and notably their presence, correctness, effectiveness, the impact of changes in the existing intelligent complex systems with respect to vulnerabilities, systems engineering choices, reconfigurations, patch installations, network management, etc. We then explore how we can evaluate the overall security assurance of a given system. We emphasis that it is desirable to separate the trust providing assurance model and the security architecture, into two separated distributed entities (instrumentations, protocols, architectures, management). We believe that this segregation will allow us to automate and boost the trusted infrastructure and security infrastructure, while the authorizations, exceptions, and security management as a whole, are achieved through their interaction. Finally, we discuss the security metrics for these complex intelligent systems. New mechanisms and tools are needed for assessing and proving the security and dependability of a complex system as the scale of these systems and the kind of threats and assumptions on their operational environment pose new challenges. We conclude with a description of our proposed security management model.
© (2007) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Syed Naqvi and Michel Riguidel "Security assurances for intelligent complex systems", Proc. SPIE 6560, Intelligent Computing: Theory and Applications V, 65600L (30 April 2007);

Back to Top