ENG 203_7D

ENG 203_7D - ENG 203:SYSTEM ARCHITECTURE System Engineering...

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
ENG 203:SYSTEM ARCHITECTURE 01/20/12 1 System Engineering in an Acquisition Context John M. Borky 2009 - all rights reserved Engineering 203 System Architecture Dr. Mike Borky [email protected] (Cell) 505 453-0496 © John M. Borky 2009 – all rights reserved
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
ENG 203:SYSTEM ARCHITECTURE 01/20/12 2 Session 7 – Real-Time and Secure Systems Lectures: 7A – Characteristics of Real-Time Systems 7B – Real-Time Analysis 7C –Real-Time Architecture and Implementation 7D – Security and Information Assurance John M. Borky 2009 - all rights reserved
Background image of page 2
ENG 203:SYSTEM ARCHITECTURE 01/20/12 3 Lecture 7D – Architecting Security Against a Wide Range of Threats John M. Borky 2009 - all rights reserved
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
ENG 203:SYSTEM ARCHITECTURE Security Challenges 01/20/12 John M. Borky 2009 - all rights reserved 4 Secure System Insider Threat Computer Crime Network Attack V i r u s D a t T h e f P y c l A k Operational Disruption Hacking Many system/enterprise categories have security/information assurance (IA) requirements Defense systems must protect classified information & undergo certification and Commercial systems must be protected against computer criminals Threats come in many forms, including insiders, thrill seekers, industrial spies and other criminals Key is to balance system performance
Background image of page 4
ENG 203:SYSTEM ARCHITECTURE 01/20/12 5 Basic Concepts John M. Borky 2009 - all rights reserved Confidentiality – prevent unauthorized access to sensitive data, at rest and in transit Integrity – prevent unauthorized parties from modifying, corrupting, inserting, deleting or duplicating data Availability –ensure timely access to protected data and functions by authorized recipients Authorization/Access Control –restrict access to recipients with the necessary permissions and need-to-know Non-Repudiation –prove that a given party took part in an information transaction despite that party’s denial Authentication/Identity –prove with adequate certainty that a party is who he claims to be and has a known identity for use in functions such as Access Control Audit – detect, record, analyze and report events associated with security mechanisms Defense in Depth – protective measures at multiple points, e.g., boundary, network, computer and application
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
ENG 203:SYSTEM ARCHITECTURE 01/20/12 6 Protective Measures John M. Borky 2009 - all rights reserved Fundamental concerns: Clarity and completeness of requirements, including stakeholder validation Trustworthiness of components and policies Provable compliance with security requirements and policies Correct operation and maintenance of the system to preserve security The environment in which the system operates, including threats that security mechanisms must counter Categories of protection: Technical – measures such as firewalls, encryption, electronic intrusion detection, logging and auditing, periodic security testing, policy-controlled
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 01/20/2012 for the course ENGR 203 taught by Professor Borky during the Summer '10 term at UCLA.

Page1 / 19

ENG 203_7D - ENG 203:SYSTEM ARCHITECTURE System Engineering...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online