Academic journal article Informatica Economica

Increasing Distributed IT&C Application Security

Academic journal article Informatica Economica

Increasing Distributed IT&C Application Security

Article excerpt

The development of distributed IT & C applications - DIA is presented alongside their main characteristics and the actors involved in activities through-out their lifecycle are identified in the before-mentioned scope. Aspects pertaining security risks, as well as methods of enhancing security, are detailed by DIA architectural features. The analysis includes risk elements, vulnerabilities, means of enhancing the behavior of the system, as well as a hierarchical feature dependency model based on a qualitative assessment of DIA security features, obtained through an inquiry in the common means of protection used by Romanian professionals, as well as their prioritization in the context of limited resources. A graph-based model of feature interactions is built. The last section deals with the ways of improving risk detection methods, as derived from the answers and features presented.

Keywords: Distributed IT&C Applications, Security, Development, Questionnaire, Assessment

(ProQuest: ... denotes formulae omitted.)

1DIA Development

Today's developed informational society involves the implementing of distributed applications, software characterized by components that are either shared by multiple operators - common databases, or part of a larger, enveloping system.

Distributed IT Applications - DIAs - define collections of software modules separated based on function or location and interacting in a structured manner in order to provide an optimized solution to a request. DIAs are characterized by the existence of components with varying degrees of interdependency, differentiated by role, software technology and geographical location, communicating in a synchronous or asynchronous manner in solving a task. One particularity of such systems is the existence of multiple processing nodes.

DIA components are characterized by:

* diversity , in the sense that module development technologies vary widely; the layered architecture of the systems increases the array of tools for implementing the required components, as database management systems, integrated development environments, logging & system auditing are used together in providing better solutions;

* functional orientation, each component having a pre-determined, well defined role in the system; communication, computing the input, auditing, authorization, authentication, encryption, maintenance form the array of tasks that characterize distributed application subassemblies;

* technical autonomy, the property of a component to function even if other components it interacts with are not accessible; data access and operation security is increased by the usage of duplicate modules, of independently operating computing units and load balancers that besides splitting the workload act towards redirecting jobs in case an error occurs or a component becomes unavailable;

* logical autonomy, derived as a notion from the technical one, but encompassing a module's ability to perform its individual tasks at maximum efficiency and without waiting for an external process-based input; when the latter is required, the interaction occurs asynchronously; parallel processing software, acting in the solving of complex problems requiring large amounts of computing power, solve the issues by separating tasks based on the degree of interdependency in obtaining the results, analogous to an algorithm for solving a system of equations, in which the order of the initial computations is irrelevant as long as they are all applied;

* redundancy, the presence of common functions in more than one component, used to improve system-wide performance or as backup in case an incident occurs; the sensitive nature of financial and security systems, as well as public services, leads to architectures using components performing identical tasks and auditing of the same data set information at multiple points in the system.

Distributed systems are identified with respect to the manner in which resources are accessed, as parallel or concurrent. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.