[ Last changed: 17th October 1996 ]
The relationship between security and reliability is not straightforward. On the one hand, a secure system does at most X, while a reliable system does at least X; so the two concepts seem in tension. On the other hand, recent experience investigating the failure modes of automatic teller machines, satellite TV encoders, prepayment electricity meters and burglar alarms has shown that almost all real world security failures are in fact reliability failures - they result from blunders in implementation and management. After describing some of this experience, I will discuss a robustness principle which has been derived from it, and which has proved itself useful in guiding security research.
This seminar will be multicast (audio and video) on the mbone as part of our multimedia test programme. Further information is available at http://www.cl.cam.ac.uk/mbone/#cl.