Title :
Reducing risks of widespread faults and attacks for commercial software applications: towards diversity of software components
Author :
Mont, M. Casassa ; Baldwin, A. ; Beres, Y. ; Harrison, K. ; Sadler, M. ; Shiu, S.
Abstract :
Recent IT attacks demonstrated how vulnerable consumers and enterprises are when adopting commercial and widely deployed operating systems, software applications and solutions. Diversity in software applications is fundamental to increase chances of survivability to faults and attacks. Current approaches to diversity are mainly based on the development of multiple versions of the same software, their parallel execution and the usage of voting mechanisms. Because of the high cost, they are used mainly for very critical and special cases. We introduce and discuss an alternative method to ensure diversity for common widespread software applications without requiring additional resources. We describe a few encouraging results obtained from simulations.
Keywords :
computer crime; computer viruses; object-oriented programming; risk management; software reusability; attacks; commercial software applications; faults; operating systems; parallel execution; risk reduction; simulations; software component diversity; voting mechanisms; Application software; Computer bugs; Costs; Crops; Diseases; Economies of scale; Internet; Laboratories; Operating systems; Software systems;
Conference_Titel :
Computer Software and Applications Conference, 2002. COMPSAC 2002. Proceedings. 26th Annual International
Print_ISBN :
0-7695-1727-7
DOI :
10.1109/CMPSAC.2002.1044562
