The security gains of intrusion-tolerant systems are directly dependent on the assumption that system components fail independently of one another. The coverage of this assumption in a real-world deployment depends on how diversity is employed, using, for example, diverse off-the-shelf components. In this paper we detail a study we have done with vulnerability data, reported in the period 1999 to 2007, which we extracted from the NIST National Vulnerability Database. We provide empirical analysis of the data collected as well as exploratory analyses of the potential gains in security from employing diverse operating systems. The modelling approaches presented are of practical significance to system designers wishing to employ diversity with...
Early experiments with software diversity in the mid 1970’s investigated N-version programming and r...
Most modern computer systems are connected to the Internet. This brings many opportunities for reven...
Due to copyright restrictions, the access to the full text of this article is only available via sub...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
The security gains of intrusion-tolerant systems are directly dependent on the assumption that syste...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
This paper analyses security problems of modern computer systems caused by vulnerabilities in their ...
Building secure, inviolable systems using traditional mechanisms is becoming increasingly an unattai...
The goal of this research was to explore first principles associated with mixing of diverse implemen...
Defence-in-depth is a term often used in security literature to denote architectures in which multip...
Diversity is an important and valuable concept that has been adopted in many fields to reduce correl...
Fault/intrusion tolerance is usually the only viable way of improving the system dependability and s...
Over the past 20 years, there have been indisputable advances on the development of Byzantine Fault-...
Early experiments with software diversity in the mid 1970's investigated N-version programming and r...
Early experiments with software diversity in the mid 1970’s investigated N-version programming and r...
Most modern computer systems are connected to the Internet. This brings many opportunities for reven...
Due to copyright restrictions, the access to the full text of this article is only available via sub...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
The security gains of intrusion-tolerant systems are directly dependent on the assumption that syste...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
This paper analyses security problems of modern computer systems caused by vulnerabilities in their ...
Building secure, inviolable systems using traditional mechanisms is becoming increasingly an unattai...
The goal of this research was to explore first principles associated with mixing of diverse implemen...
Defence-in-depth is a term often used in security literature to denote architectures in which multip...
Diversity is an important and valuable concept that has been adopted in many fields to reduce correl...
Fault/intrusion tolerance is usually the only viable way of improving the system dependability and s...
Over the past 20 years, there have been indisputable advances on the development of Byzantine Fault-...
Early experiments with software diversity in the mid 1970's investigated N-version programming and r...
Early experiments with software diversity in the mid 1970’s investigated N-version programming and r...
Most modern computer systems are connected to the Internet. This brings many opportunities for reven...
Due to copyright restrictions, the access to the full text of this article is only available via sub...