A Novel Approach to Building Intrusion Tolerant Systems
Volume 10, Number 2, March 2014 - Paper 01 - pp. 123-132
WENBING ZHAODepartment of Electrical and Computing Engineering, Cleveland State University, 2121 Euclid Ave., Cleveland, OH 44115
(Received on March 08, 2013, revised on October 31, 2013)
A novel approach of structuring mission-critical systems with an emphasis on intrusion tolerance is described. Key components in the proposed system include traf?c regulation, application request processing, state protection, integrity checking, and process/node health monitoring. In particular, the separation of execution and state management enables the use of a single process to manage application requests, thereby reducing run-time overhead and enables highly concurrent executions. Furthermore, intrusion attacks are mitigated by two means: (1) append-only state logging so that a compromised execution node cannot corrupt state updates from other nodes; and (2) acceptance testing as a way to verify the integrity of the execution of application requests. When an attack is detected, the malformed requests that materialized the attack are quarantined, and such requests (current and future ones) are rejected.
Click here to download the paper.
Please note : You will need Adobe Acrobat viewer to view the full articles.