Badger, M.
(2016),
Resilience and System Level Security, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=921458
(Accessed April 18, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Resilience and System Level Security
Published
Author(s)
Abstract
One approach for reducing damage caused by software vulnerabilities is to take advantage of emerging systems architecture patterns to strategically improve assurance. Emerging systems architectures embody significant choices about where computation takes place (e.g., server, client, distributed), how intrinsic networking is to typical workloads (always/sometimes required), the resources available in execution environments (e.g., virtual machine, middleware, process, web browser, microcontroller), the degree of inter-component coupling (e.g., monolithic application, microservices), and policies for system updating (e.g., manual vs periodic vs continuous). These choices have potential to significantly increase whole-system complexity, but they also may support architecting systems with high levels of component isolation and independence (e.g., via VMs, containers, language-based separation, microservices). This presentation discusses resilience as a system-level property, illustrates the use of two emerging architecture patterns (OS containers and microservices), and identifies a small number of "idea sketches" describing possible future research opportunities.Pub Type
Talks
Download Paper
Keywords
computer security, resiliency, vulnerabilities, software assurance, virtualization, containers, micro services
Citation
Created December 20, 2016, Updated May 4, 2021