A Novel Approach to Building Intrusion Tolerant Systems
Document Type
Article
Publication Date
3-1-2014
Publication Title
International Journal of Performability Engineering
Abstract
A novel approach of structuring mission-critical systems with an emphasis on intrusion tolerance is described. Key components in the proposed system include traffic regulation, application request processing, state protection, integrity checking, and process/node health monitoring. In particular, the separation of execution and state management enables the use of a single process to manage application requests, thereby reducing run-time overhead and enables highly concurrent executions. Furthermore, intrusion attacks are mitigated by two means: (1) append-only state logging so that a compromised execution node cannot corrupt state updates from other nodes; and (2) acceptance testing as a way to verify the integrity of the execution of application requests. When an attack is detected, the malformed requests that materialized the attack are quarantined, and such requests (current and future ones) are rejected.
Repository Citation
Zhao, Wenbing, "A Novel Approach to Building Intrusion Tolerant Systems" (2014). Electrical and Computer Engineering Faculty Publications. 263.
https://engagedscholarship.csuohio.edu/enece_facpub/263
Volume
10
Issue
2