Sixth IEEE International Symposium on Cluster Computing and the Grid Workshops (CCGRIDW'06) Closing Cluster Attack Windows Through Server Redundancy and Rotations Singapore May 16-May 19 ISBN: 0-7695-2585-7
It is well-understood that increasing redundancy in a system generally improves the availability and dependability of the system. In server clusters, one important form of redundancy is spare servers. Cluster security, while universally recognized as an important subject in its own right, has not often been associated with the issue of redundancy. In prior work, we developed a Self-Cleansing Intrusion Tolerance (SCIT) architecture that strengthens cluster security through periodic server rotations and self-cleansing. In this work,1 we consider the servers in the cleansing mode as redundant, spare hardware and develop a unified control algorithm that manages the requirements of both security and service availability. We will show the advantages of our algorithm in the following areas: (1) Intrusion tolerance through constant server rotations and cleansing, (2) Survivability in events of server failures, (3) Guarantee of service availability as long as the cluster has a minimum number of functioning servers, and (4) Scalability, the support of using high degrees of hardware/server redundancy to improve security and fault tolerance. We provide proofs for important properties of the proposed algorithm. The effects of varying degrees of server redundancy in reducing attack windows are investigated through simulation.
Citation:
Yih Huang, David Arsenault, Arun Sood, "Closing Cluster Attack Windows Through Server Redundancy and Rotations," ccgrid, vol. 2, pp.21, Sixth IEEE International Symposium on Cluster Computing and the Grid Workshops (CCGRIDW'06), 2006 Usage of this product signifies your acceptance of the Terms of Use. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb