Handbook of Information Security Management:Access Control



AVAILABILITY

Availability is the assurance that a computer system is accessible by authorized users whenever needed. Two facets of availability are typically discussed:

1.  Denial of service.
2.  Loss of data processing capabilities as a result of natural disasters (e.g., fires, floods, storms, or earthquakes) or human actions (e.g., bombs or strikes).

Denial of service usually refers to actions that tie up computing services in a way that renders the system unusable by authorized users. For example, the Internet worm overloaded about 10% of the computer systems on the network, causing them to be nonresponsive to the needs of users.

The loss of data processing capabilities as a result of natural disasters or human actions is perhaps more common. Such losses are countered by contingency planning, which helps minimize the time that a data processing capability remains unavailable. Contingency planning — which may involve business resumption planning, alternative-site processing, or simply disaster recovery planning — provides an alternative means of processing, thereby ensuring availability.

Physical, technical, and administrative issues are important aspects of security initiatives that address availability. The physical issues include access controls that prevent unauthorized persons from coming into contact with computing resources, various fire and water control mechanisms, hot and cold sites for use in alternative-site processing, and off-site backup storage facilities. The technical issues include fault-tolerance mechanisms (e.g., hardware redundancy, disk mirroring, and application checkpoint restart), electronic vaulting (i.e., automatic backup to a secure, off-site location), and access control software to prevent unauthorized users from disrupting services. The administrative issues include access control policies, operating procedures, contingency planning, and user training. Although not obviously an important initiative, adequate training of operators, programmers, and security personnel can help avoid many computing outages that result in the loss of availability. In addition, availability can be restricted if a security office accidentally locks up an access control database during routine maintenance, thus denying authorized users access for an extended period of time.

Considerable effort is being devoted to addressing various aspects of availability. For example, significant research has focused on achieving more fault-tolerant computing. Another sign that availability is a primary concern is that increasing investments are being made in disaster recovery planning combined with alternative-site processing facilities. Investments in antiviral products are escalating as well; denial of service associated with computer viruses, Trojan horses, and logic bombs is one of today’s major security problems.

Known threats to availability can be expected to continue. New threats may emerge as technology evolves, making it quicker and easier for users to share information resources with other users, often at remote locations.

SUMMARY

The three basic purposes of security management — integrity, confidentiality, and availability — are present in all systems. Whether a system emphasizes one or the other of these purposes depends on the functions performed by the applications. For example, air traffic control systems do not require a high level of information confidentiality; however, a high degree of integrity is crucial to avoid disastrous misguiding of aircraft, and availability is important to avoid disruption of air traffic services.

Automobile companies, on the other hand, often go to extreme lengths to protect the confidentiality of new designs, whereas integrity and availability are of lesser concern. Military weapons systems also must have a high level of confidentiality to avoid enemy compromise. In addition, they must provide high levels of integrity (to ensure reliability) and availability (to ensure that the system operates as expected when needed).

Historically, confidentiality has received the most attention, probably because of its importance in military and government applications. As a result, capabilities to provide confidentiality in computer systems are considerably more advanced than those providing integrity or availability. Significant research efforts have recently been focused on the integrity issue. Still, little attention has been paid to availability, with the exception of building fault tolerance into vendor products and including hot and cold sites for backup processing in disaster recovery planning.

The combination of integrity, availability, and confidentiality in appropriate proportions to support the organization’s goals can provide users with a trustworthy system — that is, users can trust it will consistently perform according to their expectations. Trustworthiness has a broader definition than security in that it combines security with safety and reliability as well as the protection of privacy (which is already considered to be a part of security). In addition, many of the mechanisms that provide security also make systems more trustworthy in general. These multipurpose safeguards should be exploited to the extent practicable.

