Resilient Intrusion Tolerance through Proactive and Reactive Recovery

Bibliographic Details
Main Author: Sousa, Paulo
Publication Date: 2007
Other Authors: Bessani, Alysson Neves, Correia, Miguel, Neves, Nuno Ferreira, Veríssimo, Paulo
Format: Report
Language: por
Source: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Download full: http://hdl.handle.net/10451/14127
Summary: Previous works have studied how to use proactive recovery to build intrusion-tolerant replicated systems that are resilient to any number of faults, as long as recoveries are faster than an upper-bound on fault production assumed at system deployment time. In this work, we propose a complementary approach that combines proactive recovery with services that allow correct replicas to react and recover replicas that they detect or suspect to be compromised. One key feature of our proactive-reactive recovery approach is that, despite recoveries, it guarantees the availability of the minimum amount of system replicas necessary to sustain system's correct operation. We design a proactive-reactive recovery service based on a hybrid distributed system model and show, as a case study, how this service can effectively be used to augment the resilience of an intrusion-tolerant firewall adequate for the protection of critical infrastructures
id RCAP_4f095d45f2993cd2283be373c592ff9c
oai_identifier_str oai:repositorio.ulisboa.pt:10455/3024
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
spelling Resilient Intrusion Tolerance through Proactive and Reactive RecoveryIntrusion ToleranceProactive RecoveryReactive RecoveryFirewallPrevious works have studied how to use proactive recovery to build intrusion-tolerant replicated systems that are resilient to any number of faults, as long as recoveries are faster than an upper-bound on fault production assumed at system deployment time. In this work, we propose a complementary approach that combines proactive recovery with services that allow correct replicas to react and recover replicas that they detect or suspect to be compromised. One key feature of our proactive-reactive recovery approach is that, despite recoveries, it guarantees the availability of the minimum amount of system replicas necessary to sustain system's correct operation. We design a proactive-reactive recovery service based on a hybrid distributed system model and show, as a case study, how this service can effectively be used to augment the resilience of an intrusion-tolerant firewall adequate for the protection of critical infrastructuresDepartment of Informatics, University of LisbonRepositório da Universidade de LisboaSousa, PauloBessani, Alysson NevesCorreia, MiguelNeves, Nuno FerreiraVeríssimo, Paulo2009-02-10T13:12:00Z2007-102007-10-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/reportapplication/pdfhttp://hdl.handle.net/10451/14127porinfo:eu-repo/semantics/openAccessreponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiainstacron:RCAAP2025-03-17T13:12:35Zoai:repositorio.ulisboa.pt:10455/3024Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireinfo@rcaap.ptopendoar:https://opendoar.ac.uk/repository/71602025-05-29T02:37:32.540035Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiafalse
dc.title.none.fl_str_mv Resilient Intrusion Tolerance through Proactive and Reactive Recovery
title Resilient Intrusion Tolerance through Proactive and Reactive Recovery
spellingShingle Resilient Intrusion Tolerance through Proactive and Reactive Recovery
Sousa, Paulo
Intrusion Tolerance
Proactive Recovery
Reactive Recovery
Firewall
title_short Resilient Intrusion Tolerance through Proactive and Reactive Recovery
title_full Resilient Intrusion Tolerance through Proactive and Reactive Recovery
title_fullStr Resilient Intrusion Tolerance through Proactive and Reactive Recovery
title_full_unstemmed Resilient Intrusion Tolerance through Proactive and Reactive Recovery
title_sort Resilient Intrusion Tolerance through Proactive and Reactive Recovery
author Sousa, Paulo
author_facet Sousa, Paulo
Bessani, Alysson Neves
Correia, Miguel
Neves, Nuno Ferreira
Veríssimo, Paulo
author_role author
author2 Bessani, Alysson Neves
Correia, Miguel
Neves, Nuno Ferreira
Veríssimo, Paulo
author2_role author
author
author
author
dc.contributor.none.fl_str_mv Repositório da Universidade de Lisboa
dc.contributor.author.fl_str_mv Sousa, Paulo
Bessani, Alysson Neves
Correia, Miguel
Neves, Nuno Ferreira
Veríssimo, Paulo
dc.subject.por.fl_str_mv Intrusion Tolerance
Proactive Recovery
Reactive Recovery
Firewall
topic Intrusion Tolerance
Proactive Recovery
Reactive Recovery
Firewall
description Previous works have studied how to use proactive recovery to build intrusion-tolerant replicated systems that are resilient to any number of faults, as long as recoveries are faster than an upper-bound on fault production assumed at system deployment time. In this work, we propose a complementary approach that combines proactive recovery with services that allow correct replicas to react and recover replicas that they detect or suspect to be compromised. One key feature of our proactive-reactive recovery approach is that, despite recoveries, it guarantees the availability of the minimum amount of system replicas necessary to sustain system's correct operation. We design a proactive-reactive recovery service based on a hybrid distributed system model and show, as a case study, how this service can effectively be used to augment the resilience of an intrusion-tolerant firewall adequate for the protection of critical infrastructures
publishDate 2007
dc.date.none.fl_str_mv 2007-10
2007-10-01T00:00:00Z
2009-02-10T13:12:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/report
format report
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10451/14127
url http://hdl.handle.net/10451/14127
dc.language.iso.fl_str_mv por
language por
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Department of Informatics, University of Lisbon
publisher.none.fl_str_mv Department of Informatics, University of Lisbon
dc.source.none.fl_str_mv reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron:RCAAP
instname_str FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron_str RCAAP
institution RCAAP
reponame_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
collection Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository.name.fl_str_mv Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
repository.mail.fl_str_mv info@rcaap.pt
_version_ 1833601431471390720

Similar Items