Architectural Solution Integration to Contain ICT Supply Chain Threats
[Note] This paper was submitted to the 2nd Cyber Security Summit @London at June 1-2. A novel idea was explored to touch the critical concern surrounding ICT supply chain threats. You are welcome to download it and share your comments with the authors. Here are some comments at the web, thanks to Jart.
Abstract — Information Communication Technology, which has been more and more critical in the modern economy and society , means more than information technology and traditional telecommunications. The integrity of ICT supply chain has slightly different meaning than the traditional security and assurance. Partly for the sake of difficulties to technically testify the increasingly complicated modern ICT products, it’s by no means to figure out an end to end integrity assurance program and methodology, letting alone test cost and timing factors.
This paper investigates the threats of ICT supply chain integrity, particularly covert channel. An architectural approach, named as Architectural Solution Integration, is given out to assure the integrity of ICT system and contain the potential threats through supply chains. The quantitative assessment of ICT supply chain integrity is discussed as well, followed by the future work analysis.
Key Words — ICT Supply Chain Integrity;Assurance;Security;Covert Channel
. 想更新一下博客,又没有新的话题,只好把前面几个月一些老文章拿出来重贴一下。本文写于RSA2011之后,主要是为了完成绿盟技术内刊的任务。请各位朋友指正。
Recent Comments