Skip to main content

Intrusion-Tolerant Architectures: Concepts and Design

  • Conference paper
  • First Online:
Architecting Dependable Systems

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2677))

Abstract

There is a significant body of research on distributed computing architectures, methodologies and algorithms, both in the fields of fault tolerance and security. Whilst they have taken separate paths until recently, the problems to be solved are of similar nature. In classical dependability, fault tolerance has been the workhorse of many solutions. Classical security-related work has on the other hand privileged, with few exceptions, intrusion prevention. Intrusion tolerance (IT) is a new approach that has slowly emerged during the past decade, and gained impressive momentum recently. Instead of trying to prevent every single intrusion, these are allowed, but tolerated: the system triggers mechanisms that prevent the intrusion from generating a system security failure. The paper describes the fundamental concepts behind IT, tracing their connection with classical fault tolerance and security. We discuss the main strategies and mechanisms for architecting IT systems, and report on recent advances on distributed IT system architectures.

Navigators Home Page: http://www.navigators.di.fc.ul.pt. Work partially supported by the EC, through project IST-1999-11583 (MAFTIA), and FCT, through the Large-Scale Informatic Systems Laboratory (LaSIGE), and projects POSI/1999/CHS/33996 (DEFEATS) and POSI/CHS/39815/2001 (COPE).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Adelsbach, A., Alessandri, D., Cachin, C., Creese, S., Deswarte, Y., Kursawe, K., Laprie, J.C., Powell, D., Randell, B., Riordan, J., Ryan, P., Simmonds, W., Stroud, R., Veríssimo, P., Waidner, M., Wespi, A.: Conceptual Model and Architecture of MAFTIA. Project MAPTIA IST-1999-11583 deliverable D21. (2002) http://www.research.ec.org/maftia/deliverables/D21_OnlinePDF.pdf.

  2. Alvisi, L., Malkhi, D., Pierce, E., Reiter, M.K., Wright, R.N.: Dynamic Byzantine quorum systems. In: Proceedings of the IEEE International Conference on Dependable Systems and Networks. (2000) 283–292

    Google Scholar 

  3. Amir, Y., Kim, Y., Nita-Rotaru, C., Schultz, J., Stanton, J., Tsudik, G.: Exploring robustness in group key agreement. In: Proceedings of the 21th IEEE International Conference on Distributed Computing Systems. (2001) 399–408

    Google Scholar 

  4. Ateniese, G., Steiner, M., Tsudik, G.: New multi-party authentication services and key agreement protocols. IEEE J. of Selected Areas on Communications 18 (2000)

    Article  Google Scholar 

  5. Avizienis, A., Laprie, J.C., Randell, B.: Fundamental concepts of dependability. Technical Report 01145, LAAS-CNRS, Toulouse, France (2001)

    Google Scholar 

  6. Bracha, G., Toueg, S.: Asynchronous consensus and broadcast protocols. Journal of the ACM 32 (1985) 824–840

    Article  MathSciNet  Google Scholar 

  7. Cachin, C., Correia, M., McCutcheon, T., Neves, N., Pfitzmann, B., Randell, B., Schunter, M., Simmonds, W., Stroud, R., Veríssimo, P., Waidner, M., Welch, I.: Service and Protocol Architecture for the MAFTIA Middleware. Project MAFTIA IST-1999-11583 deliverable D23. (2001) http://www.research.ec.org/maftia/deliverables/D23final_OnlinePDF.pdf.

  8. Cachin, C., Poritz, J.A.: Hydra: Secure replication on the internet. In: Proceedings of the International Conference on Dependable Systems and Networks. (2002)

    Google Scholar 

  9. Canetti, R., Gennaro, R., Herzberg, A., Naor, D.: Proactive security: Long-term protection against break-ins. RSA CryptoBytes 3 (1997) 1–8

    Google Scholar 

  10. Castro, M., Liskov, B.: Practical Byzantine fault tolerance. In: Proceedings of the Third Symposium on Operating Systems Design and Implementation. (1999)

    Google Scholar 

  11. Connelly, K., Chien, A.A.: Breaking the barriers: High performance security for high performance computing. In: Proc. New Security Paradigms Workshop. (2002)

    Google Scholar 

  12. Correia, M., Lung, L.C., Neves, N.F., Veríssimo, P.: Efficient Byzantine-resilient reliable multicast on a hybrid failure model. In: Proceedings of the 21st IEEE Symposium on Reliable Distributed Systems. (2002) 2–11

    Google Scholar 

  13. Correia, M., Veríssimo, P., Neves, N.F.: The design of a COTS real-time distributed security kernel. In: Proceedings of the Fourth European Dependable Computing Conference. (2002) 234–252

    Google Scholar 

  14. Cukier, M., Lyons, J., Pandey, P., Ramasamy, H.V., Sanders, W.H., Pal, P., Webber, F., Schantz, R., Loyall, J., Watro, R., Atighetchi, M., Gossett, J.: Intrusion tolerance approaches in ITUA (fast abstract). In: Supplement of the 2001 International Conference on Dependable Systems and Networks. (2001) 64–65

    Google Scholar 

  15. Debar, H., Wespi, A.: Aggregation and correlation of intrusion detection alerts. In: 4th Workshop on Recent Advances in Intrusion Detection. Volume 2212 of Lecture Notes in Computer Science. Springer-Verlag (2001) 85–103

    Chapter  Google Scholar 

  16. Deswarte, Y., Blain, L., Fabre, J.C.: Intrusion tolerance in distributed computing systems. In: Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy. (1991) 110–121

    Google Scholar 

  17. Dobson, J., Randell, B.: Building reliable secure computing systems out of unreliable insecure components. In: Proceedings of the International Symposium on Security and Privacy, IEEE (1986) 187–193

    Google Scholar 

  18. Dutertre, B., Crettaz, V., Stavridou, V.: Intrusion-tolerant Enclaves. In: Proceedings of the IEEE International Symposium on Security and Privacy. (2002)

    Google Scholar 

  19. Fraga, J.S., Powell, D.: A fault-and intrusion-tolerant file system. In: Proceedings of the 3rd International Conference on Computer Security. (1985) 203–218

    Google Scholar 

  20. Hadzilacos, V., Toueg, S.: A modular approach to fault-tolerant broadcasts and related problems. Technical Report TR94-1425, Cornell University, Department of Computer Science (1994)

    Google Scholar 

  21. Hiltunen, M., Schlichting, R., Ugarte, C.A.: Enhancing survivability of security services using redundancy. In: Proceedings of the IEEE International Conference on Dependable Systems and Networks. (2001) 173–182

    Google Scholar 

  22. Kihlstrom, K.P., Moser, L.E., Melliar-Smith, P.M.: The SecureRing group communication system. ACM Transactions on Information and System Security 4 (2001) 371–406

    Article  Google Scholar 

  23. Knight, J., Heimbigner, D., Wolf, A., Carzaniga, A., Hill, J., Devanbu, P.: The Willow survivability architecture. In: Proceedings of the 4th Information Survivability Workshop. (2001)

    Google Scholar 

  24. Malkhi, D., Reiter, M.K., Tulone, D., Ziskind, E.: Persistent objects in the Fleet system. In: Proceedings of the 2nd DARPA Information Survivability Conference and Exposition (DISCEX II). (2001)

    Google Scholar 

  25. Meyer, F., Pradhan, D.: Consensus with dual failure modes. In: Proc. of the 17th IEEE International Symposium on Fault-Tolerant Computing. (1987) 214–222

    Article  Google Scholar 

  26. Nicomette, V., Deswarte, Y.: An Authorization Scheme for Distributed Object Systems. In: IEEE Symposium on Research in Privacy and Security. (1996) 31–40

    Google Scholar 

  27. Pfitzmann, B., Waidner, M.: A model for asynchronous reactive systems and its application to secure message transmission. In: Proceedings of the IEEE Symposium on Research in Security and Privacy. (2001) 184–200

    Google Scholar 

  28. Powell, D., Seaton, D., Bonn, G., Veríssimo, P., Waeselynk, F.: The Delta-4 approach to dependability in open distributed computing systems. In: Proceedings of the 18th IEEE International Symposium on Fault-Tolerant Computing. (1988)

    Google Scholar 

  29. Powell, D., ed.: Delta-4: A Generic Architecture for Dependable Distributed Processing. Springer-Verlag (1991) Research Reports ESPRIT.

    Google Scholar 

  30. Powell, D.: Fault assumptions and assumption coverage. In: Proceedings of the 22nd IEEE International Symposium of Fault-Tolerant Computing. (1992)

    Google Scholar 

  31. Reiter, M.K.: The Rampart toolkit for building high-integrity services. In: Theory and Practice in Distributed Systems. Volume 938 of Lecture Notes in Computer Science. Springer-Verlag (1995) 99–110

    Chapter  Google Scholar 

  32. Schneider, F.B.: The state machine approach: A tutorial. Technical Report TR86-800, Cornell University, Computer Science Department (1986)

    Google Scholar 

  33. Veríssimo, P., Rodrigues, L.: Distributed Systems for System Architects. Kluwer Academic Publishers (2001)

    Google Scholar 

  34. Veríssimo, P., Rodrigues, L., Casimiro, A.: Cesiumspray: A precise and accurate global clock service for large-scale systems. Journal of Real-Time Systems 12 (1997) 243–294

    Article  Google Scholar 

  35. Veríssimo, P.: Uncertainty and predictability: Can they be reconciled? In: Future Directions in Distributed Computing. Springer-Verlag LNCS 2584 (2003) —

    Chapter  Google Scholar 

  36. Veríssimo, P., Casimiro, A., Fetzer, C.: The Timely Computing Base: Timely actions in the presence of uncertain timeliness. In: Proceedings of the International Conference on Dependable Systems and Networks. (2000) 533–542

    Google Scholar 

  37. Xu, J., Randell, B., Romanovsky, A., Rubira, C., Stroud, R.J., Wu, Z.: Fault tolerance in concurrent object-oriented software through coordinated error recovery. In: Proceedings of the 25th IEEE International Symposium on Fault-Tolerant Computing. (1995) 499–508

    Google Scholar 

  38. Zhou, L., Schneider, F., van Renesse, R.: COCA: A secure distributed on-line certification authority. ACM Trans, on Computer Systems 20 (2002) 329–368

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Veríssimo, P.E., Neves, N.F., Correia, M.P. (2003). Intrusion-Tolerant Architectures: Concepts and Design. In: de Lemos, R., Gacek, C., Romanovsky, A. (eds) Architecting Dependable Systems. Lecture Notes in Computer Science, vol 2677. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45177-3_1

Download citation

  • DOI: https://doi.org/10.1007/3-540-45177-3_1

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40727-0

  • Online ISBN: 978-3-540-45177-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics