• Indexed in

  • Latest News

    June 28, 2023
    Volume 12, Issue 1 of the International Journal of Information Security and Cybercrime was published
    December 29, 2022
    Volume 11, Issue 2 of the International Journal of Information Security and Cybercrime was published
    June 28, 2022
    Volume 11, Issue 1 of the International Journal of Information Security and Cybercrime was published
  • --- More News ---
  • Popular Articles

  • Book Review: “Dependability of Information Systems”

    Author(s): DRĂGULINESCU, Marin
    Issue: Volume 9, Issue 1, Year 2020

    Download PDF | Views: 76

    The monograph “Dependability of information systems” (“Dependabilitatea sistemelor informatice” – in Romanian) has been developed around the complex concept of dependability, a fundamental property which represents the ability of any system (an information system in or research) to provide a service that can reasonably be considered trustworthy.

    G. Petrică, S.D. Axinte, I.C. Bacivarov, Dependabilitatea sistemelor informatice, MATRIX ROM, Bucharest, 2019, ISBN: 978-606-25-0529-5

    The results included in this book are part of a series of extensive research in the field of dependability of complex systems of high functional responsibility, in general, and the dependability of information systems, in particular, carried out in recent decades in the EUROQUALROM Laboratory of the Department of Electronic Technology and Reliability from the Faculty of Electronics, Telecommunications and Information Technology (ETTI), University “Politehnica” of Bucharest (UPB).

    This book is a complex and valuable approach to a concept of dependability (viewed in synergy with its components – reliability, security, survivability, a.o..), an important keyword at present in the field of scientific research both nationally, as well as internationally.

    The topic of the book is of interest in the context in which computer systems currently present the essential tools in carrying out the activity of any entity, and ensuring information attributes such as security, availability and confidentiality are key objectives in the ICT society that governs us.

    In the first part of the book the authors make a detailed analysis of the basic concepts related to computer systems, respectively dependability; they present methods for analyzing dependability, emphasizing issues related to reliability, survivability, and performance of computer applications.

    The authors mention that the threats to the dependability of an information system are faults, failures, and errors. To ensure fault tolerance, the hardware and/or software components of the system are supplemented; this operation will maintain system functions when a fault occurs by masking the failures that occur or by detecting faults and properly reconfiguring the system.

    The six key attributes of dependability are reliability, safety, maintainability, confidentiality, integrity, and availability. To analyze the reliability of information systems, the authors present methods, such as: FMEA (Failure Mode and Effects Analysis), the Cause-Effect diagram and the Fault Trees Analysis, for each one being performed case studies.

    This book presents methods to ensure security of information at several levels, not just physical, buy also at logical one, in computer systems, LANs, and online applications. The theft of electronic information (personal data, passwords, or financial information), spying online activity (accessed Web addresses, sent or received e mails, physical location tracking) or identity spoofing are current criminal activities and challenges.

    Analysis of threats against information systems’ security and proposing countermeasures can be achieved by Attack-Defense Trees (ADT), a methodology used by both system designers and IT security specialists that provides a graphical analysis of how a target (a computer system, an organization, etc.) can be attacked (an objective can be achieved by a potential threat) and indicates the measures taken by the defender to prevent the attacker from achieving that goal.

    “Defense in depth” and “Defense in breadth” are two defense techniques used for securing information systems. In a comparative presentation of the two defense models, the authors highlighted the advantages and characteristics of each one. Simultaneous application of both defense models is the optimal measure for the full security of an organization’s network, but the choice of best protection techniques should be made after a complex analysis and identification of network critical elements, mention the authors.

    A separate subchapter of this book is devoted to the analysis of cyber security in Romania: the evolution, structure, and success of cyber-attacks at national level are closely related to both the user’s profile on the Internet and his degree of information on threats and how hardware solutions / software, but also legislative, are implemented at national level.

    In the last part of the book, the authors analyzed the security of Web applications starting from general software vulnerabilities and ending with the presentation of specific security elements for two popular classes of Web applications: CMS systems and e-learning platforms. This book also proposes solutions for securing and optimizing WordPress-based Web applications and identifies ways to improve cybersecurity at the national level.

    The monograph “Dependability of information systems” is elaborated by two young specialists in the field, Gabriel Petrică, PhD, IT Manager of the EUROQUALROM Laboratory (ETTI – UPB) and Sabina-Daniela Axinte, PhD candidate, tech lead and expert in quality assurance of computer systems / applications, together with Professor Ioan C. Bacivarov, PhD, a pioneer of research in Romania in the field of the dependability of highly functional systems in general, and the reliability of telecommunications systems, in particular, the field in which he elaborated the first Romanian doctoral thesis, four decades ago.

    In fact, as stated in recent international scientific meetings, we can speak of a real “Romanian school” in the field of dependability, appreciated at European level, to the foundation and development of which Professor Ioan C. Bacivarov contributed essentially.

    These contributions have materialized through the university and postgraduate educational programs and projects developed by Professor Bacivarov in the last four decades, through the numerous doctoral theses he has supervised in the field (of which 5 in co-tutoring with universities in France), as well as through the four scientific journals in the field of quality and dependability he founded and coordinated and in which valuable articles were published by Romanian researchers, together with renowned specialists from abroad.

    And judging by the quality and contributions of young specialists who have graduated in recent years, the future of this field seems assured in Romania.

    The analyzed monograph is addressed especially to researchers in the field of ICT, as well as to students, Master’s, and doctoral students from the faculties of automation, electronics, telecommunications, and information technology. It is of real theoretical and practical utility for all specialists interested in the reliability and security of information systems.

    In conclusion, we are in front of a valuable work, dedicated to a modern and dynamic field, written by recognized specialists in the field of reliability and security of information systems.
    Consequently, I highly recommend this book, which is among the best ones in its category.

    Additional Information

    Title: Book Review: “Dependability of Information Systems”
    Author(s): DRĂGULINESCU, Marin
    Publication: International Journal of Information Security and Cybercrime
    ISSN: 2285-9225, e-ISSN: 2286-0096
    Issue: Volume 9, Issue 1, Year 2020
    Section: Books Reviews and Conferences Analysis
    Page Range: 55-57

    Copyright ©2012-2023
    The International Journal of Information Security and Cybercrime (IJISC)

    All rights reserved
    The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
    No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.