Publications
Attributes of Securable Architectures
As cyber-security is becoming more and more important in systems development, engineers have begun to recognize and understand the types of errors they can introduce through hurried coding technique and design. This overall trend is certainly moving the software industry in the right direction and can lead to developing higher quality software-centric systems. Unfortunately, we have barely begun to examine the results of poor architectural choices, nor do we have much insight into what secure and securable architectures look like. In this paper, based on the past 40 years of work identifying specific security principles, we create a taxonomy of principles that address the abstract cyber-security needs of systems. We then tie these principles to studies of insecure systems architectures to demonstrate applicability. We close the paper with a description of other cyber-security taxonomies, how they specifically differ from this presented taxonomy, and add new principles to address gaps shown in taxonomic comparisons.