Failing badly

"Failing badly" and "failing well" are concepts in systems security and network security describing how a system reacts to failure. The terms have been popularized by Bruce Schneier, a cryptographer and security consultant. [ [http://charlesmann.org/articles/Homeland-Insecurity-Atlantic.pdf Homeland Insecurity] , "Atlantic Monthly", September 2002]

A system that fails badly is one that fails "catastrophically" once failure occurs. A single point of failure can thus bring down the whole system. Examples include:
*Databases (such as credit card databases) protected only by a password. Once this security is breached, all data can be stolen.
*Buildings depending on a single column or truss, whose removal would cause a chain reaction collapse under normal loads.
*Security checks which concentrate on establishing identity, not intent (thus allowing, for example, suicide attackers to pass).
*Internet access provided by a single service provider. If the provider's network fails, all Internet connectivity is lost.

A system that fails well is one that "compartmentalizes" or "contains" failure. Examples include:
*Databases that do not allow downloads of all data in one attempt, limiting the amount of compromised data.
*Structurally redundant buildings conceived to resist loads beyond those expected under normal circumstances, or resist loads when the structure is damaged.
*Concrete structures, which show fractures long prior to breaking under load, thus giving early warning.
*Armoured cockpit doors on airplanes, which confine a potential hijacker within the cabin even if they are able to bypass airport security checks.
*Internet connectivity provided by more than one vendor or discrete path, known as multihoming.

Designing a system to 'fail well' has also been alleged to be a better use of limited security funds than the typical quest to eliminate all potential sources of errors and failure. [" [http://www.apogee.co.nz/docs/FailingWell.pdf Failing Well with Information Security] " - Young, William; Apogee Ltd Consulting, 2003]

ee also

*Fail-safe

References


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Men Behaving Badly — For the American version, see Men Behaving Badly (U.S. TV series). Men Behaving Badly Series logo, which appears before the closing credits rolled. Gary and Tony dance badly in the background. Format …   Wikipedia

  • List of Men Behaving Badly episodes — Contents 1 Series overview 2 Episode list 2.1 Series 1 (1992) 2.2 …   Wikipedia

  • List of Men Behaving Badly characters — Below is a list of characters for the British BBC television sitcom Men Behaving Badly. The show aired between 1992 1998. *Gary Strang (Martin Clunes) Gary operates a security sales office with two old fashioned middle aged subordinates. He also… …   Wikipedia

  • Fail-fast — is a property of a system or module with respect to its response to failures. A fail fast system is designed to immediately report at its interface any failure or condition that is likely to lead to failure. Fail fast systems are usually designed …   Wikipedia

  • Bruce Schneier — infobox scientist name = Bruce Schneier birth date = Birth date and age|1963|1|15|df=y residence = citizenship = field = Computer science work institutions = Counterpane Internet Security Bell Labs United States Department of Defense BT Group… …   Wikipedia

  • Fail-deadly — is a concept in nuclear military strategy which encourages deterrence by guaranteeing an immediate, automatic and overwhelming response to an attack. The term fail deadly was coined as a contrast to fail safe .It is an example of second strike… …   Wikipedia

  • Reliability engineering — is an engineering field, that deals with the study of reliability: the ability of a system or component to perform its required functions under stated conditions for a specified period of time. [ Definition by IEEE] It is often reported in terms… …   Wikipedia

  • DJ Nihal — Nihal, talking to the crowd at a Radio 1 event in Preston Born Nihal Arthanayake 1 June 1971 (1971 06 01) (age 40) …   Wikipedia

  • Hassi Woh Phassi — Infobox Television show name = Hassi Woh Phassi format = Comedy runtime = approx. 22 minutes creator = Sri Adhikari Brothers director = Kanchan Adhikari starring = see below country = IND network = TV Asia website =… …   Wikipedia

  • Bunce Court School — New Herrlingen School at Bunce Court (formerly Landschulheim Herrlingen) Main building at Bunce Court Location Otterden …   Wikipedia


Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”

We are using cookies for the best presentation of our site. Continuing to use this site, you agree with this.