Cyber Resiliency Engineering Overview of the Architectural Assessment Process

AbstractMissions, business functions, organizations, and nations are increasingly dependent on cyberspace where attacks are no longer limited to simple discrete events such as the spread of a virus or a denial-of-service attack. Therefore, architecture and systems engineering must assume systems or components have been compromised and missions and business functions must continue to operate despite compromises. A growing number of technologies and architectural practices can be used to improve resilience to cyber threats. However, these improvements come with costs as well as benefits. Cyber resiliency assessments are intended to identify where, how, and when cyber resiliency techniques can be applied to improve architectural resiliency in a cost-effective way

Intrusion Confinement By Isolation In Information Systems

System protection mechanisms such as access controls can be fooled by authorized but malicious users, masqueraders, and misfeasors. Intrusion detection techniques are therefore used to supplement them. However, damage could have occurred before an intrusion is detected. In many computing systems the requirement for a high degree of soundness of intrusion reporting can yield poor performance in detecting intrusions, and can cause long detection latency. As a result, serious damage can be caused either because many intrusions are never detected or because the average detection latency is too long. The process of bounding the damage caused by intrusions during the process of intrusion detection is referred to as intrusion confinement. We justify the necessity for intrusion confinement during detection by a probabilistic analysis model, and propose a general solution to achieve intrusion confinement. The crux of the solution is to isolate likely suspicious actions before a definite determi..

David in Goliath’s citadel: Mobilizing the Security Council’s normative power for Palestine.

This article reviews the remarkable success of the Palestinian Liberation Organization in alliance with the Non-Aligned Movement in appropriating the Security Council’s normative power to transform the global understanding of the Israel–Arab conflict. We feature the alliance’s submission of multiple declaratory resolutions from late 1967 through 1980, which condemned Israel’s occupation policies, declared all of the territories conquered in the 1967 war as occupied, and endorsed a Palestinian state. Collectively, these resolutions, including the vetoed ones, legitimized a new consensus whereby Palestinian statehood became regarded as indispensable for a just resolution, while Israel’s continued control over the occupied territories became viewed as the primary obstacle, with full withdrawal expected. This consensus endures despite concerted Israeli–US efforts to undermine it. Besides its appeal to scholars of Israel–Palestine, the study contributes fresh insights into the Security Council’s normative authority and the influence of non-powerful, non-Western actors. We explain the dynamics by which these actors appropriate the Security Council’s normative influence, through its declaratory resolutions, to boost broader advocacy campaigns. Specifically, we highlight anti-colonial normative framing — featuring self-determination and territorial integrity — coalition building, and trapping. The first two dynamics generate powerful political and normative pressure, which, in turn, traps uncommitted states into supporting the cause so as to avoid isolation and the appearance of normative hypocrisy. By featuring the Non-Aligned Movement and the Palestinian Liberation Organization as the primary agents and anticolonial values as the defining norms, we present a rarely examined counter-trajectory of norm dissemination in what is thought to be the least receptive international forum