DocumentCode
2175444
Title
Developing a heterogeneous intrusion tolerant CORBA system
Author
Sames, David ; Matt, Brian ; Niebuhr, Brian ; Tally, Gregg ; Whitmore, Brent ; Bakken, David
Author_Institution
Distributed Syst. Security Dept., Network Associates Inc, Glenwood, MD, USA
fYear
2002
fDate
2002
Firstpage
239
Lastpage
248
Abstract
Intrusion tolerant systems provide high-integrity and high-availability services to their clients in the face of successful attacks from an adversary. The Intrusion Tolerant Distributed Object Systems (ITDOS) research project is developing an architecture for a heterogeneous intrusion tolerant distributed object system. ITDOS integrates a Byzantine Fault Tolerant multicast protocol into an open-source CORBA ORB to provide intrusion tolerant middleware. This foundation allows up to f simultaneous Byzantine failures of replicated servers in a system of at least 3f+1 replicas. Voting on unmarshalled CORBA messages allows heterogeneous application implementations for a given service, allowing for greater diversity in implementation and greater survivability. Symmetric encryption session keys generated by distributed pseudo-random function techniques provide confidential client-server communications. This paper overviews the ITDOS architecture, discusses some of the challenging technical issues related to intrusion tolerance in heterogeneous middleware systems, and offers views on future areas of work.
Keywords
client-server systems; data privacy; distributed object management; fault tolerant computing; multicast communication; protocols; security of data; Byzantine Fault Tolerant multicast protocol; ITDOS research project; Intrusion Tolerant Distributed Object Systems; confidential client-server communications; distributed pseudo-random function techniques; heterogeneous intrusion tolerant CORBA system; high-availability services; high-integrity; middleware; open-source CORBA ORB; replicated servers; survivability; symmetric encryption session keys; Computer architecture; Computer science; Computer security; Cryptography; Fault tolerance; Information systems; Middleware; Multicast protocols; Open source software; Voting;
fLanguage
English
Publisher
ieee
Conference_Titel
Dependable Systems and Networks, 2002. DSN 2002. Proceedings. International Conference on
Print_ISBN
0-7695-1101-5
Type
conf
DOI
10.1109/DSN.2002.1028905
Filename
1028905
Link To Document