I T Monoculture: Security Risk Defenses
The paper highlights a fact that modern society shows a common reflection of monoculture in information technology due to its advantageous position though there still chances of it being under the risk of virus and other forms of malware attack. However, this does not limit the possibilities of various improvements through the use of various approaches. The grouping of attack to three major groups of attack among them configuration, technology and trust forms a strong foundation of designing ways to counteract these attacks. First, the sensibility of combining monoculture with automated diversity is supported by its potential to counteract the intentions of an attacker. In another view, various forms of attacks among them code injection and attacks-return-to-libc can also be counteracted by the use of Genesis software which can be applied at any point (Lala & Schneider, nd).
The creation of independent software replicas is also seen as a way of creating diversity at low costs. In addition, the aspect of monoculture having potential to protect against code-injection attacks is provided creating a separation between data and genuine codes environment. These advanced approaches provide a new form and hope in information security especially in the provision of new avenues of protecting information. Another great aspect is the provision of new areas of development where new architectural developments can be undertaken in form of monoculture by embracing diversity as a part of information management.
Lala, J. H. & Schneider, F. B. (nd) IT Monoculture Security Risk Defenses retrieved August 25, 2010 from <www.computer.org/security/>