Intrusion-Tolerant Security Servers for Delta-4

  • Conference paper
ESPRIT ’90

Abstract

This paper describes a new approach to security in open distributed systems. This approach is currently being developed in the framework of the Delta-4 project. After a few reminders about two existing distributed security architectures, the proposed “intrusion-tolerant” approach is specified. It is based on a fragmentation-scattering technique applied to a security server running on several security sites. These sites are such that intrusions into a number of sites less than a given threshold have no consequence for global security. The different security services provided are then presented.

Copyright information

© 1990 ECSC, EEC, EAEC, Brussels and Luxembourg

About this paper

Cite this paper

Blain, L., Deswarte, Y. (1990). Intrusion-Tolerant Security Servers for Delta-4. In: ESPRIT ’90. Springer, Dordrecht. https://doi.org/10.1007/978-94-009-0705-8_25

  • DOI: https://doi.org/10.1007/978-94-009-0705-8_25

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-94-010-6803-1

  • Online ISBN: 978-94-009-0705-8

  • eBook Packages: Springer Book Archive
