Safety and security are two attributes of dependability, along with availability and reliability. In broad terms, security is the prevention of unauthorized access to information and of unauthorized modification of information. Safety is the avoidance of catastrophic consequences on the environment. Despite their common contribution to dependability, research in computer safety and security has followed mostly separate paths. The objective of this paper is to discuss possible connections between the methods and models developed by the two communities.
The computer security community has developed various models of secure systems. The emphasis of such models is usually on confidentiality, that is, on preventing the unauthorized disclosure of information. Early models were based on access control formulations: confidentiality is enforced by restricting the operations that the active entities in a system (the subjects) are allowed to perform on the data repositories of the system (the objects). Such models have well-known limitations [22, 24]: they do not separate security policy from enforcement mechanisms, they require knowledge of the internals of a system to identify objects and subjects, and, more importantly, they do not consider covert channels. More abstract models have been proposed that address these issues. These security models are all related to the concept of noninterference proposed by Goguen and Meseguer. In such models, security is defined as the absence of unauthorized information flows between users of a system. The security requirements are constraints on the set of sequences of events that can be produced on the input and output interfaces of the system. In the first part of the paper, we give an overview of the different flavors of information-flow security concepts proposed in the literature, and we examine the application of such concepts in safety-related areas.
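The noninterference idea sketched above can be made concrete on a small deterministic state machine. The following Python example is added here to illustrate the Goguen-Meseguer formulation; it is not code from the paper. It assumes a toy two-level system (a high user and a low user, each owning a counter), a policy that high must not interfere with low, and checks the definition directly: for every command sequence up to a bound, the low user's view of the resulting state must equal the view obtained after purging all high-level commands from the sequence. A sequence for which the two views differ is an unauthorized information flow.

```python
from dataclasses import dataclass
from itertools import product
from typing import Callable, Dict, List, Optional, Tuple

HIGH, LOW = "high", "low"

# Constructed toy state: (high user's counter, low user's counter).
State = Tuple[int, int]


@dataclass
class System:
    """Deterministic state machine; each command is issued by a user at one level."""
    commands: Dict[str, Tuple[str, Callable[[State], State]]]  # name -> (level, transition)
    initial: State
    observe: Callable[[State, str], object]  # what a user at `level` sees of a state


def run(system: System, trace: List[str]) -> State:
    """Apply the commands of `trace` in order, starting from the initial state."""
    state = system.initial
    for name in trace:
        _, transition = system.commands[name]
        state = transition(state)
    return state


def purge(system: System, trace: List[str], level: str) -> List[str]:
    """Goguen-Meseguer purge: drop the commands of users who must not interfere
    with `level`. Policy assumed here: HIGH must not interfere with LOW, while
    LOW may interfere with HIGH (information may flow upward only)."""
    if level == HIGH:
        return list(trace)
    return [name for name in trace if system.commands[name][0] != HIGH]


def find_interference(system: System, level: str = LOW,
                      max_len: int = 4) -> Optional[List[str]]:
    """Bounded check of noninterference for the user at `level`.
    Returns the first command sequence (up to max_len) whose view differs
    from the view after purging, i.e. a counterexample, or None if the
    property holds for all sequences within the bound."""
    names = list(system.commands)
    for length in range(max_len + 1):
        for candidate in product(names, repeat=length):
            trace = list(candidate)
            full_view = system.observe(run(system, trace), level)
            purged_view = system.observe(run(system, purge(system, trace, level)), level)
            if full_view != purged_view:
                return trace
    return None


def view(state: State, level: str) -> object:
    """High sees both counters; low sees only its own counter."""
    h, l = state
    return (h, l) if level == HIGH else l


# Insecure toy system: the high user can copy its counter into the low counter,
# so the low user's observation depends on high-level commands.
INSECURE = System(
    commands={
        "inc_h": (HIGH, lambda s: (s[0] + 1, s[1])),
        "inc_l": (LOW, lambda s: (s[0], s[1] + 1)),
        "copy_h_to_l": (HIGH, lambda s: (s[0], s[0])),
    },
    initial=(0, 0),
    observe=view,
)

# Secure toy system: the only copy operation moves information upward (low -> high).
SECURE = System(
    commands={
        "inc_h": (HIGH, lambda s: (s[0] + 1, s[1])),
        "inc_l": (LOW, lambda s: (s[0], s[1] + 1)),
        "copy_l_to_h": (LOW, lambda s: (s[1], s[1])),
    },
    initial=(0, 0),
    observe=view,
)

if __name__ == "__main__":
    print("insecure counterexample:", find_interference(INSECURE))  # ['inc_h', 'copy_h_to_l']
    print("secure counterexample:  ", find_interference(SECURE))    # None
```

The counterexample found for the insecure system is the two-command sequence in which the high user increments its counter and then copies it: the low user observes 1, but would observe 0 had the high commands never been issued, which is exactly the dependency the definition forbids. The check is bounded enumeration over traces, so it can refute noninterference but only establishes it up to the chosen length; a proof for unbounded traces needs an inductive argument over states rather than an enumeration.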
In the second part of the paper, we take the reverse point of view. We discuss the possible contribution to security of fault-tolerance techniques designed to increase system reliability. More precisely, we examine whether these techniques can be extended to tolerate intentional attacks rather than accidental faults.
See the attached documents to get more details.
- Enforceable security policies
- From security to safety and back
- Homeland Security and Safety
- Maintaining security and safety in high-threat operations transitions
- Mobile Health Requires Mobile Security
- Refugees and Border Security
- Refugees Safety and Xenophobia in South African Cities the role of the local govt
- Rethinking human security
- The use and misuse of national security rationale in crafting us refugee and immigration policies