DOI: 10.5555/1768179.1768181
Book chapter

Intrusion-tolerant architectures: concepts and design

January 2003
Pages 3 - 36
Published: 01 January 2003

Abstract

There is a significant body of research on distributed computing architectures, methodologies and algorithms, both in the fields of fault tolerance and security. Whilst they have taken separate paths until recently, the problems to be solved are of a similar nature. In classical dependability, fault tolerance has been the workhorse of many solutions. Classical security-related work has, on the other hand, privileged intrusion prevention, with few exceptions. Intrusion tolerance (IT) is a new approach that has slowly emerged during the past decade and gained impressive momentum recently. Instead of trying to prevent every single intrusion, intrusions are allowed but tolerated: the system triggers mechanisms that prevent the intrusion from generating a system security failure. The paper describes the fundamental concepts behind IT, tracing their connection with classical fault tolerance and security. We discuss the main strategies and mechanisms for architecting IT systems, and report on recent advances in distributed IT system architectures.


Published In

Guide books
Architecting dependable systems
January 2003
310 pages
ISBN: 3540407278
Editors: Rogério De Lemos, Cristina Gacek, Alexander Romanovsky

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 01 January 2003

Qualifiers

  • Chapter

Cited By

  • (2018) Duo. Security and Communication Networks, vol. 2018. doi:10.1155/2018/6751042. Online publication date: 1-Jan-2018
  • (2018) Scheduling-context capabilities. Proceedings of the Thirteenth EuroSys Conference, pp. 1-16. doi:10.1145/3190508.3190539. Online publication date: 23-Apr-2018
  • (2018) Guaranteed physical security with restart-based design for cyber-physical systems. Proceedings of the 9th ACM/IEEE International Conference on Cyber-Physical Systems, pp. 10-21. doi:10.1109/ICCPS.2018.00010. Online publication date: 11-Apr-2018
  • (2016) Medusa. Proceedings of the 16th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing, pp. 443-452. doi:10.1109/CCGrid.2016.20. Online publication date: 16-May-2016
  • (2015) Botnet in DDoS Attacks: Trends and Challenges. IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242-2270. doi:10.1109/COMST.2015.2457491. Online publication date: 18-Nov-2015
  • (2015) Evaluation of isolation in virtual machine environments encounter in effective attacks against memory. Security and Communication Networks, vol. 8, no. 18, pp. 4396-4406. doi:10.1002/sec.1374. Online publication date: 1-Dec-2015
  • (2011) Experience report. Proceedings of the 11th IFIP WG 6.1 international conference on Distributed applications and interoperable systems, pp. 228-242. doi:10.5555/2022090.2022108. Online publication date: 6-Jun-2011
  • (2010) Enforcing trust in embedded systems using models. Proceedings of the International Workshop on Security and Dependability for Resource Constrained Embedded Systems, pp. 1-8. doi:10.1145/1868433.1868435. Online publication date: 14-Sep-2010
  • (2010) Availability analysis of an IMS-based VoIP network system. Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV, pp. 441-456. doi:10.1007/978-3-642-12189-0_39. Online publication date: 23-Mar-2010
  • (2009) Using data correlation to build an intrusion detection system. Proceedings of the 10th WSEAS international conference on Automation & information, pp. 342-347. doi:10.5555/1562010.1562074. Online publication date: 23-Mar-2009