Is "deny Access" a Valid "fail-Safe Default" Principle for Building Security in Cyberphysical Systems?

Research output: Contribution to JournalArticleAcademicpeer-review

Abstract

© 2003-2012 IEEE.In 1975, Saltzer and Schroeder (SS) elucidated eight design principles that shaped decades of security research and development.1 Some of them are listed as key tenets of security protocols2 in software design methodologies, such as Microsoft's Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege threat model,3,4 and in McGraw's 2004 article "Software Security" in IEEE Security Privacy.5
Original languageEnglish
Article number8821456
Pages (from-to)90-93
JournalIEEE Security and Privacy
Volume17
Issue number5
DOIs
Publication statusPublished - 1 Sept 2019
Externally publishedYes

Funding

I would like to thank Richard Clay- ton, Sandro Etalle, Virgil Gligor, and Mike Schroeder for their use ful comments that greatly improved this article. Any remaining error is mine. This work is partly supported by European Union Horizon 2020 grant 830929, CyberSec4Europe (www.cybersec4europe.eu) grant 770138, and the Observation Plat form for Technological and Institu tional Consolidation of Research in Safety 2 project (www.optics-project .eu).

FundersFunder number
Observation Plat form for Technological and Institu tional Consolidation of Research in Safety 2
Horizon 2020 Framework Programme
Horizon 2020770138, 830929

    Fingerprint

    Dive into the research topics of 'Is "deny Access" a Valid "fail-Safe Default" Principle for Building Security in Cyberphysical Systems?'. Together they form a unique fingerprint.

    Cite this