• DocumentCode
    3309285
  • Title

    Adding the fourth "R" [CERT\´s model for computer security strategies]

  • Author

    Endicott-Popovsky, Barbara ; Frincke, Deb

  • fYear
    2004
  • fDate
    10-11 June 2004
  • Firstpage
    442
  • Lastpage
    443
  • Abstract
    In the emerging discipline of survivability, defined as the "ability of a system to fulfil its mission, in a timely manner, in the presence of attacks, failures and accidents", the CERT Coordination Center has implicitly institutionalized the concept of a never-ending, escalating computer security arms race. While previous point solutions - such as PKIs, VPNs and firewalls - focused on blocking attacks, survivability reflects the inevitability of experiencing attacks and the need to recover quickly. CERT\´s 3 R model - resistance, recognition, and recovery - describes survivability strategies. Increasing intruder accountability by increasing legal consequences will inhibit the escalation of the hacker arms race. This is reflected in CERT\´s model for computer security strategies by adding a 4th R, redress, to CERT\´s 3R model.
  • Keywords
    authorisation; computer crime; message authentication; CERT Coordination Center; CERT computer security model; PKI; VPN; computer security arms race; firewall; hacker arms race; intrusion system; security attack; Accidents; Arm; Authentication; Computer hacking; Computer security; Cost function; IEEE members; Law; Legal factors; Virtual private networks;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance Workshop, 2004. Proceedings from the Fifth Annual IEEE SMC
  • Print_ISBN
    0-7803-8572-1
  • Type

    conf

  • DOI
    10.1109/IAW.2004.1437854
  • Filename
    1437854
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3309285