Computer Security as an Engineering Practice: A System Engineering Discussion
- Source :
- Advances in Science, Technology and Engineering Systems (2019)
- Publication Year :
- 2019
- Publisher :
- Advances in Science, Technology and Engineering Systems Journal (ASTESJ), 2019.
Abstract
- We examine design principles from more than 20 years of experience in the implementation and protection of mission-critical flight systems used by the Mission Design and Navigation Section at NASA’s Jet Propulsion Laboratory. Spacecraft navigation has rigorous requirements for completeness and accuracy, often under critical and uncompromising time pressure. Fault-tolerant and robust design in the ground data system is crucial for the numerous space missions we support, from the Cassini orbital tour of Saturn to the Mars rover Curiosity. This begins with an examination of principles learned from fault-tolerant design to protect against random failures, and continues to the consideration of computer security engineering as a derivative effort to protect against the promotion of malicious failures. Examples of best practice in reliable system design from the aviation and computer industries are considered, and security fault-tolerance principles are derived from these efforts. Computer security design approaches are examined, both as abstract postulates (starting from the cornerstone principles of Confidentiality, Integrity, and Availability) and from implementation. Strategic design principles including defense in depth, defense in breadth, least privilege, and vulnerability removal are target points for the design. Additionally, we consider trust in the system over time from its sterile implementation, viewed against the backdrop of Time Based Security. The system design is assessed from external access data flows, through internal host security mechanisms, and finally to user access controls. Throughout this process we evaluate a complementary intersection – a balance between protecting the system and its ease of use by engineers. Finally, future improvements to secure system architecture are considered.
- Subjects :
- Physics and Astronomy (miscellaneous)
- Computer science
- business.industry
- lcsh:T
- Mission critical
- Principle of least privilege
- Fault tolerance
- Usability
- Computer security
- computer.software_genre
- lcsh:Technology
- Strategic design
- Management of Technology and Innovation
- Systems architecture
- Systems engineering
- Systems design
- lcsh:Q
- business
- lcsh:Science
- Engineering (miscellaneous)
- computer
- Vulnerability (computing)
Details
- Language :
- English
- Database :
- OpenAIRE
- Journal :
- Advances in Science, Technology and Engineering Systems (2019)
- Accession number :
- edsair.doi.dedup.....98bd5198ecce35fdbcde2b32509cd4ab