The DPASA Survivable JBI—A High-Water Mark in Intrusion-Tolerant Systems1
نویسندگان
چکیده
In this paper, we describe the design, development, and validation of an information system that has recently set a new high-water mark for intrusion tolerance. The system, known as the DPASA Survivable JBI, conforms to an abstract architecture for survivable systems and integrates concrete defense mechanisms for preventing intrusion and for detecting and responding to intrusions that cannot be prevented. The system has shown a high level of resistance to sustained attacks by sophisticated adversaries.
منابع مشابه
Toward Survivable Intrusion-Tolerant Open-Source SCADA
As vital components of critical infrastructure, SCADA systems must continue to operate correctly and at their expected level of performance at all times. However, current SCADA systems are vulnerable to intrusions, and even a single compromise can cause catastrophic consequences. We present the architecture of and initial steps toward the first intrusion-tolerant open-source SCADA system that i...
متن کاملConstructing a Practical Intrusion Tolerant Replication System
The increasing number of cyber attacks against critical infrastructures, which typically require large state and long system lifetimes, necessitates the design of systems that are able to work correctly even if part of them is compromised. We present the first practical survivable intrusion tolerant replication system, which defends across space and time using compiler-based diversity and proac...
متن کاملExperiences on Intrusion Tolerance Distributed Systems
Distributed systems today are very vulnerable to malicious attacks, either from insiders or outsiders. When an attacker controls a component of the system, he may steal some sensitive information, create some false information, or prevent legitimate users from using the system. An intrusion-tolerant distributed system is a system which is designed so that any intrusion into a part of the system...
متن کاملDependability and Performance Evaluation of Intrusion-Tolerant Server Architectures
In this work, we present a first effort at quantitatively comparing the strengths and limitations of various intrusion-tolerant server architectures. We study four representative architectures, and use stochastic models to quantify the costs and benefits of each from both the performance and dependability perspectives. We present results characterizing throughput and availability, the effective...
متن کاملSystematic Generation of Stochastic Diversity as an Intrusion Barrier in Survivable Systems Software
Survivable systems software must exhibit high resistance to intrusion. A process of stochastic diversification can help increase resistance to intrusion through random obscuration of survivable system properties. Intruders often rely on analysis of source code to identify and exploit vulnerabilities in software. The ability of intruders to understand and analyze code can be dramatically reduced...
متن کامل