Arun Sood , George Mason University, Fairfax
Quyen Nguyen , George Mason University, Fairfax
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.145
Today, institutions want to build open systems and provide services to the public via the Internet. Such systems would potentially expose security vulnerabilities, and become susceptible to attacks. Therefore, security is critical in order to ensure confidentiality, integrity, and availability for system data and services. With increasing sophistication of security attacks the protection of open system is more challenging. Intrusion tolerance should be part of the overall defense in-depth security solution. In this paper, we will study and compare different approaches to intrusion-tolerant system architectures, focusing on three different lines of approach. The case study of an Open Archival Information System will be used to illustrate the security features of those architectures in the face of malicious attacks. We also include a qualitative and comparative analysis with respect to confidentiality, integrity, availability, and data ex-filtration.
D.0 General, D.2.4.d Formal methods, D.4.6.a Access controls, D.4.6.b Authentication, K.4.4.f Security, K.4.4.g Internet security policies, K.6.5.a Authentication, K.6.5.c Invasive software (viruses, worms, Trojan horses), K.6.5.e Unauthorized access (hacking, phreaking), K.6.m.b Security, C.4.f Reliability, availability, and serviceability, D.2.9.m Risk management, D.4.5.e High availability, D.4.6.d Information flow controls, Intrusion Tolerance, Data exfiltration
Arun Sood, Quyen Nguyen, "Comparative Analysis of Intrusion-Tolerant System Architectures", IEEE Security & Privacy, , no. 1, pp. , PrePrints PrePrints, doi:10.1109/MSP.2010.145