Issue No.04 - April (2010 vol.21)
Paulo Sousa , Ciencias da Univ. Lisboa, Lisboa
Alysson Neves Bessani , Ciencias da Univ. Lisboa, Lisboa
Miguel Correia , Ciencias da Univ. Lisboa, Lisboa
Nuno Ferreira Neves , Ciencias da Univ. Lisboa, Lisboa
Paulo Verissimo , Ciencias da Univ. Lisboa, Lisboa
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TPDS.2009.83
In the past, some research has been done on how to use proactive recovery to build intrusion-tolerant replicated systems that are resilient to any number of faults, as long as recoveries are faster than an upper bound on fault production assumed at system deployment time. In this paper, we propose a complementary approach that enhances proactive recovery with additional reactive mechanisms giving correct replicas the capability of recovering other replicas that are detected or suspected of being compromised. One key feature of our proactive-reactive recovery approach is that, despite recoveries, it guarantees the availability of a minimum number of system replicas necessary to sustain correct operation of the system. We design a proactive-reactive recovery service based on a hybrid distributed system model and show, as a case study, how this service can effectively be used to increase the resilience of an intrusion-tolerant firewall adequate for the protection of critical infrastructures.
Intrusion tolerance, proactive recovery, reactive recovery, firewall.
Paulo Sousa, Alysson Neves Bessani, Miguel Correia, Nuno Ferreira Neves, Paulo Verissimo, "Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery", IEEE Transactions on Parallel & Distributed Systems, vol.21, no. 4, pp. 452-465, April 2010, doi:10.1109/TPDS.2009.83