An intrusion tolerant architecture for dynamic content internet servers

Proceedings of the ACM Workshop on Survivable and Self-Regenerative Systems

Volumn , Issue , 2003, Pages 110-114

  Saidane, Ayda ^a   Deswarte, Yves ^a   Nicomette, Vincent ^a  

^a LAAS CNRS   (France)

Author keywords

Adaptive redundancy; Fault tolerance; Intrusion tolerance

Indexed keywords

CLIENT SERVER COMPUTER SYSTEMS; COMPUTER ARCHITECTURE; FAULT TOLERANT COMPUTER SYSTEMS; SERVERS; TELECOMMUNICATION SERVICES;

ADAPTIVE REDUNDANCY; INTERNET SERVERS; INTERNET SERVICES; INTRUSION TOLERANCE;

INTERNET;

EID: 2642529568     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1036921.1036934     Document Type: Conference Paper

References (16)

1. A. Valdes et al., "An Adaptive Intrusion-Tolerant Server Architecture", in Proc. 10th International Workshop on Security Protocols, Cambridge (UK), April 2002, to appear in Springer LNCS Series.
2. Information Technology Security Evaluation Criteria (ITSEC), Office for Official Publications of the European Communities, ISBN 92-826-3004-8, June 1991.
3. A. Adelsbach et al., Malicious- and Accidental-Fault Tolerance for Internet Applications: Conceptual Model and Architecture, Project IST-1999-11583 MAFTIA, Deliverable D21, January 2003, 123 pp., available at .
4. Y. Deswarte et al., "Intrusion tolerance in distributed computing systems", in Proc. of the IEEE Symposium on Security and Privacy, Oakland, CA (USA), May 1991, pp. 110-121.
5. J.J. Wylie, M.W. Bigrigg, J.D. Strunk, G.R. Ganger, H. Kiliccote, and P.K. Khosla, "Survivable information storage systems", IEEE Computer, 3(8):61-68. August 2000.
6. P. Luenam and P. Liu, "The Design of an Adaptive Intrusion Tolerant Database System", IEEE Workshop on Intrusion Tolerant Systems, Sup. of the Proc. of the 2002 International Conference on Dependable Systems and Networks, June 2002, pp. C.2.1-C.2.8.
7. M. Tallis and R. Balzer, "Document Integrity through Mediated Interfaces", in Proc. of 2nd DARPA Information Survivability Conference and Exposition, Anaheim, CA (USA), 12-14 June 2001.
8. F. Wang et al. SITAR: A Scalable Intrusion Tolerance Architecture for Distributed Server IEEE 2nd SMC Information Assurance Workshop, West Point, New York, 2001.
9. Y. Deswarte et al., "Diversity against Accidental and Deliberate Faults", Computer Security, Dependability, & Assurance: From Needs to Solutions, IEEE Computer Society, Eds. P.Ammann, B.H.Barnes, S.Jajodia, E.H.Sibley, ISBN 0-7695-0337-3, 1999, pp. 171-181.
10. T.E. Uribe et al., "Intrusion Tolerance and Worm Spread", Sup. of the Proc. of the 2003 International Conference on Dependable Systems and Networks, San Francisco, CA (USA), June 2003, pp. B-16-B-17.
11. SPI Labs, SQL Injection: Are your Web Applications Vulnerable?, http://www.spidynamics.com/whitepapers/WhitepaperSQLInjection.pdf
12. Y. Deswarte et al., "Remote Integrity Checking", to appear in Proc. of the 2003 IFIP WG 11.5 Conference on Integrity and Internal Control in Information Systems, IICIS-2003, November 2003, Lausanne, Switzerland.
13. J. Levy et al., "Combining monitors for run-time system verification". Electronic Notes in Theoretical Computer Science, 70(4), Elsevier Science, December 2002.
14. C. Cowen, "Software security for open source systems", IEEE Security and Privacy, January/February 2003, pp. 38-45.
15. CERT, Advisory CA-2003-04, http://www.cert.org/advisories/CA-2003-04.html
16. R. Chinchani et al., "A Tamper-Resistant Framework for Unambiguous Detection of Attacks in User Space Using Process Monitors", IEEE Workshop on Information Assurance, Darmstadt, Germany, March 2003