Engineering - C726
Cybersecurity architecture - Answer- is about how to weave together the various
security mechanisms and capabilities into a coherent whole that is effective in
thwarting adversaries from accomplishing their strategic attack goals. Architecture
requires effective building blocks, as discussed up to this point in the course, and,
just as importantly, knowing how to place and connect those building blocks in the
proper manner using design principles.
Murphy's Law - Answer- Prevent failures before they occur
Detect failures when they occur
Recover from failures when they are detected
Tolerate failures until the system recovers
Design Flaws - Answer- The return on investment of eliminating faults early in the
development process is significant. It is up to 100 times more expensive to fix faults
discovered in the maintenance phase than in the design phase.
Security flaws fixed in the design phase means the flaw was caught in the beginning
of the process.
Security flaws fixed in the implementation stage cost 6.5 times what they would cost
if caught in the design phase.
Security flaws fixed in the testing phase cost 15 times what they cost in the design
phase.
margin of safety (minimum acceptable risk) - Answer- A margin of safety calls for
engineering systems to meet requirements beyond those required by the existing
specifications. This margin of safety can be as high as three times if the three factors
discussed previously warrant it and the stakes of failure are sufficiently high.
minimum requirements:
User behavior
Unforeseen circumstances
Uncertainty
Modularity - Answer- is the design principle that calls for the aggregation of similar
functions into a programming entity with
Clear control boundaries
Private data structures
Well-defined interfaces
Abstraction - Answer- is a similar concept to modularity. Abstraction is about dealing
with system complexity by hiding details so that all complexities and all possible
interactions do not have to be considered at once.
Scalability - Answer- analysis should be done regarding both the deployment and
operation of any system (from both a user and a system operator perspective)—
particularly for cybersecurity systems. One key to understanding scalability is
understanding complexity.
complexity - Answer- There are two types of complexity: time and space.
Time complexity refers to how much time a task will take.
Space complexity refers to how much memory a task will take. Time complexity is
the focus of the remainder of this section. Space complexity is parallel in structure
and is therefore omitted for brevity.
Recursion - Answer- is a programming technique that implements a divide and
conquer approach to solving complex problems. It allows a function to call itself and
suspend processing until the call is answered by successively simpler versions of the
problem.
Transitive trust - Answer- is the concept that if A trusts B and B trusts C, then A
inherits trust of C through the transitive property—which works like it would in a
mathematical equation: if a = b, and b = c, then a = c.
closed system - Answer- is designed to work well with a narrow range of other
systems, generally all from the same manufacturer. The standards for closed
systems are often proprietary and not normally disclosed.
Open systems - Answer- are designed using agreed-upon industry standards. Open
systems are much easier to integrate with systems from different manufacturers that
support the same standards.
security model - Answer- provides a way for designers to map abstract statements
into a security policy that prescribes the algorithms and data structures necessary to
build hardware and software.
confinement - Answer- allows a process to read from and write to only certain
memory locations and resources. This is also known as sandboxing. The operating
system, or some other security component, disallows illegal read/write requests. If a
process attempts to initiate an action beyond its granted authority, that action will be
denied.
Isolation - Answer- is used to protect the operating environment, the kernel of the
operating system (OS), and other independent applications. Isolation is an essential
component of a stable operating system. Isolation is what prevents an application
from accessing the memory or resources of another application, whether for good or
ill.