Proceedings Article | 30 April 2007
KEYWORDS: Computer security, Information security, Complex systems, Intelligence systems, Systems modeling, Reliability, Network security, Data modeling, Information technology, Systems engineering
Intelligent complex systems are drawing considerable attention from researchers in various scientific areas. These
architectures require adequate assurances of security, reliability, and fault-tolerance. The implementation of security
functions such as identification, authentication, access control, and data protection can be viewed in terms of a security
assurance model. This model relies on the security architecture of a system, which in turn is based on a trusted
infrastructure. This assurance model defines the level and features of the protection it offers, and determines the need and
relevance of the deployment of specific security mechanisms.
In this article, we first examine the verification of the security measures, notably their presence, correctness, and
effectiveness, and the impact of changes in existing intelligent complex systems with respect to vulnerabilities, systems
engineering choices, reconfigurations, patch installations, network management, etc. We then explore how we can
evaluate the overall security assurance of a given system. We emphasize that it is desirable to separate the trust-providing
assurance model and the security architecture into two separate distributed entities (instrumentations, protocols,
architectures, management). We believe that this segregation will allow us to automate and boost the trusted
infrastructure and security infrastructure, while the authorizations, exceptions, and security management as a whole are
achieved through their interaction. Finally, we discuss the security metrics for these complex intelligent systems. New
mechanisms and tools are needed for assessing and proving the security and dependability of a complex system as the
scale of these systems and the kind of threats and assumptions on their operational environment pose new challenges.
We conclude with a description of our proposed security management model.