|
An Architecture for an Adaptive Intrusion Tolerant Server
by Dr. Steven Cheung, Dr. Bruno Dutertre, Joshua Levy, Dr. Hassen Saïdi, Dr. Tomas Uribe, Alfonso Valdes, Magnus Almgren, Yves Deswarte & Victoria Stavridou.
Appears in Springer-Verlag, LNCS. From In Security Protocols Workshop. Cambridge. 2002.
Abstract
We describe a general architecture for intrusion-tolerant enterprise systems and the implementation of an intrusion-tolerant Web
server as a specific instance. The architecture comprises functionally redundant COTS servers running on diverse operating systems and platforms, hardened intrusion-tolerance proxies that mediate client requests and verify the behavior of servers and other proxies, and monitoring and alert management components based on the EMERALD intrusion-detection framework. Integrity and availability are maintained by dynamically adapting the system configuration in response to intrusions or other faults. The dynamic configuration specifies the servers assigned to each client request, the agreement protocol used to validate server replies, and the resources spent on monitoring and detection. Alerts trigger increasingly strict regimes to ensure continued service, with graceful degradation of performance, even if some servers or proxies are compromised or faulty. The system returns to less stringent regimes as threats diminish. Servers and proxies can be isolated, repaired, and reinserted without interrupting service.
BibTEX Entry
@article{unspecified,
AUTHOR = { {A.} Valdes and {M.} Almgren and {S.} Cheung and {Y.} Deswarte and {B.} Dutertre and {J.} Levy and {H.} Saidi and {V.} Stavridou and {T.} {E.} Uribe},
TITLE = {An architecture for an adaptive intrusion tolerant server},
JOURNAL = {Springer-Verlag},
YEAR = {2002},
URL = {http://www.csl.sri.com/papers/protocols_sri_02/},
LOCATION = {Cambridge},
SERIES = {{LNCS}},
BOOKTITLE = {In Security Protocols Workshop}
}
Files
|
|