A Baker’s Dozen of Golden Nuggets BreakOut #1: Mary Baker, James Hamilton, Mark Verber,...
-
Upload
clinton-bates -
Category
Documents
-
view
217 -
download
2
Transcript of A Baker’s Dozen of Golden Nuggets BreakOut #1: Mary Baker, James Hamilton, Mark Verber,...
A Baker’s Dozen of Golden Nuggets
BreakOut #1: Mary Baker, James Hamilton, Mark Verber, ...
A Dozen Golden Nuggets: 1 to 5 more important than 6 to 13?
1. “Sticky” Identifier that tracks path through a multi-layered system
2. Dividing system into many components and severely minimizing the number of components with state
3. No single component has state; subsets of components control state as deterministic replicated FSMs
4. Heterogeneity (of platforms, defenses)
13 Golden Nuggets (cont’d)
5. Out-of-band, secure control-plane for geographically distributed system
6. High fences between components; (process v. thread); mutually suspicious
7. Built-in self test of components, including security tests (e.g., self-scrub)
8. Don’t share state or resources
9. Communication is always authenticated and secure
13 Golden Nuggets (cont’d)
10. Defense in depth and minimal connectivity between components
11. Log every input, every state change into non-overwriting storage so that can replay, see what happened
12. Find/use programming language/systems that enforce constraints
13. Shape traffic externally to allow maintenance