Adding the fourth "R" [CERT's model for computer security strategies]

Abstract

In the emerging discipline of survivability, defined as the "ability of a system to fulfil its mission, in a timely manner, in the presence of attacks, failures and accidents", the CERT Coordination Center has implicitly institutionalized the concept of a never-ending, escalating computer security arms race. While previous point solutions - such as PKIs, VPNs and firewalls - focused on blocking attacks, survivability reflects the inevitability of experiencing attacks and the need to recover quickly. CERT's 3 R model - resistance, recognition, and recovery - describes survivability strategies. Increasing intruder accountability by increasing legal consequences will inhibit the escalation of the hacker arms race. This is reflected in CERT's model for computer security strategies by adding a 4th R, redress, to CERT's 3R model.