Skip to main content

Security implications of structure

Bryans, Jeremy and Arief, Budi (2006) Security implications of structure. In: Besnard, Denis and Gacek, Cristina and Jones, Cliff, eds. Structure for Dependability: Computer-Based Systems from an Interdisciplinary Perspective. Springer London, London, pp. 217-227. ISBN 978-1-84628-110-5. E-ISBN 978-1-84628-111-2. (doi:10.1007/1-84628-111-3_11) (Access to this publication is currently restricted. You may be able to access a copy if URLs are provided) (KAR id:58728)

PDF Publisher pdf
Language: English

Restricted to Repository staff only
[thumbnail of SecurityImplicationsOfStructure.pdf]
Official URL:
http://dx.doi.org/10.1007/1-84628-111-3_11

Abstract

Computer security is an important issue in determining the dependability of computer systems. It becomes even more crucial when we talk about computer-based systems (CBS), where we take into consideration the roles played by the human actors (or human components) involved in the system.

In this chapter, we begin to explore the security of complex CBS (sometimes called socio-technical systems). We do this by putting forward a common structuring abstraction for technical systems (that of component-based systems), then extending this abstraction to computer-based systems, in order to take into account the socio-technical structure of the system.

Section 2 introduces some basic notions of computer security largely developed within the technical domain, and in Section 2.2 we look at a well known model of how these systems are protected (the Swiss Cheese model [9]). In Section 3 we consider more closely the component-based architecture, and consider how well this architectural model copes with introducing people as components. The security implications of this architectural model are presented in Section 3.3, together with a new diagrammatic representation of the model, and an attempt to adapt Reason’s Swiss Cheese model to socio-technical systems. A short discussion of socio-technical security policies is presented in Section 4, and we conclude in Section 5.

Item Type: Book section
DOI/Identification number: 10.1007/1-84628-111-3_11
Uncontrolled keywords: security, computer-based systems, human factors
Subjects: Q Science
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Budi Arief
Date Deposited: 17 Nov 2016 11:32 UTC
Last Modified: 16 Nov 2021 10:23 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/58728 (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.