eugenenelson replied to eugenenelson's topic in General DiscussionGreg, I have been working on an infrastructure for a number of years. The infrastructure is now ready for review and improvement. A working group of interested individuals is needed. I have contacted the INCOSE security working group in the hope of creating a subgroup to review this infrastructure. NIST, ISO, IEEE, INCOSE and other working groups are all needed to help in forming a working group to investigate and develop techniques and standards for better system reliability and security. A subgroup would investigate the infrastructure that I have been working on. I would appreciate any help that you can provide in this matter. Thanks, Gene
eugenenelson posted a topic in General DiscussionThe current approach to Cyber security is usually about one computer and a response to a newly discovered vulnerability. This approach has led to the current Cyber security crisis. A new approach and pattern views a system as many computers working together. A basic assumption is that a computer within a system will become infected. The requirements for such a system are: - Work and bulk data should be protected from an infected system component. - Work and bulk data should be replicated on multiple computers to maximize reliability. - A system should seamlessly recover from or avoid failure situations. One solution approach is for system programs to use an infrastructure for client to server access and to exchange messages. A client and server check point work recovery information along with exchanged messages. The work and client to server communication of a failed client or server can be recovered by the same kind of program running on a different computer. A server knows the identity of a client and what work a client is authorized to request. A server validates that a client request is permitted before performing work. If a client request is not permitted then the client system can be isolated and repaired. This approach and pattern can be used to improve system reliability and security. The software community needs to evaluate this approach and possible infrastructures that help programs within a system to achieve this pattern. Question to forum administrator: Is there a more appropriate forum to post this topic?