网络与信息安全学报 (Feb 2023)
Intrinsic assurance: a systematic approach towards extensible cybersecurity
Abstract
At present, the mainstream cyber security systems are laid out in an alienated style, where security functions are separated from business processes, and security products are isolated from each other. It is difficult to effectively cope with increasingly complicated cyber threats in this architecture. Therefore, it is imperative to move security inward for more resilient and secure network infrastructures. Business scenarios of the cybersecurity sector can be categorized into four perspectives: organization, vendor, regulatory and threat, each of which has different business objectives. Starting from the commonness and individuality of the four perspectives, the needs of this sector were systematically summarized and then the goal of building an extensible cybersecurity capability ecosystem was recognized. As the key to this goal, the intrinsic assurance methodology was proposed. Intrinsic assurance capabilities referred to the abilities of ICT components to natively support security functions such as monitoring, protection and traceability. But intrinsic assurance is not the ultimate security implementation itself, which is a key difference from the existing “endogenous security” or “designed-in security” methodologies. Intrinsic assurance emphasizes the inherent security-enabling endowment of network components, whether by activating an innate gift or by encapsulating a given one, both of which logically exhibit autoimmunity from an external viewpoint. One advantage of such a component is the cohesion of business and security, which leads to transparent security posture awareness, customized security policies, and close-fitting security protection. It also simplifies the overall engineering architecture and reduces management complexity through encapsulation of multiple functions into a singleton. Additionally, the Intrinsic Assurance Support Capability Framework was put forward, which summarized and enumerated the security capabilities that conformed to the intrinsic assurance concept. This framework classified the security capabilities into five categories, namely collection, cognition, execution, syndication and resilience, together with their sub-types and underlying ICT technologies. Based on this framework, the enhanced implementations of typical security business scenarios were further introduced in light of intrinsic assurance.