Name
Title | ||
|---|---|---|
An approach to intrusion tolerance for mission-critical services using adaptability and diverse replication |
Abstract | ||
|---|---|---|
In many mission-critical applications, important services should be maintained properly under any circumstances including the presence of compromised components incurred by outside intentional attacks. In the paper, a two-level approach for the intrusion tolerance is presented. At the node level, by means of dynamic resource reallocation within a computing node, the critical services previously selected are to survive even after the occurrence of an attack. If it becomes impossible to find enough resources for the critical services within the node in spite of the adaptive actions taken at the node level, it moves to the system level. The system level mechanism is to deliver the intended services transparently to the clients even when a node fails. An architecture adopting diverse redundant computing nodes is proposed for that purpose. Through the experiments on a test-bed, especially, for web services, the approach turned out very effective to cope with not only denial of service attacks but also confidentiality and integrity attacks. Although the measurement of the timing overhead incurred by the approach represents 50% loss in performance, it seem possible to decrease the cost by optimizing the implementation. |
Year | DOI | Venue |
|---|---|---|
2004 | 10.1016/S0167-739X(03)00146-8 | Future Generation Comp. Syst. |
Keywords | Field | DocType |
mission-critical services,node level,system level,intrusion tolerance,dynamic resource reallocation,system level mechanism,two-level approach,adaptive action,enough resource,critical service,diverse redundant computing node,intrusion,adaptability,computing node,diverse replication,mission-critical service,web service,test bed,denial of service attack | Denial-of-service attack,Computer science,Computer security,Computer network,Real-time computing,Mission critical,Spite,Distributed computing,Adaptability,Architecture,Confidentiality,Intrusion tolerance,Web service | Journal |
Volume | Issue | ISSN |
20 | 2 | Future Generation Computer Systems |
Citations | PageRank | References |
4 | 0.50 | 2 |
Authors | ||
2 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Byoung-Joon Min | 1 | 8 | 4.39 |
| Joong Sup Choi | 2 | 6 | 1.57 |