• DocumentCode
    2175444
  • Title

    Developing a heterogeneous intrusion tolerant CORBA system

  • Author

    Sames, David ; Matt, Brian ; Niebuhr, Brian ; Tally, Gregg ; Whitmore, Brent ; Bakken, David

  • Author_Institution
    Distributed Syst. Security Dept., Network Associates Inc, Glenwood, MD, USA
  • fYear
    2002
  • fDate
    2002
  • Firstpage
    239
  • Lastpage
    248
  • Abstract
    Intrusion tolerant systems provide high-integrity and high-availability services to their clients in the face of successful attacks from an adversary. The Intrusion Tolerant Distributed Object Systems (ITDOS) research project is developing an architecture for a heterogeneous intrusion tolerant distributed object system. ITDOS integrates a Byzantine Fault Tolerant multicast protocol into an open-source CORBA ORB to provide intrusion tolerant middleware. This foundation allows up to f simultaneous Byzantine failures of replicated servers in a system of at least 3f+1 replicas. Voting on unmarshalled CORBA messages allows heterogeneous application implementations for a given service, allowing for greater diversity in implementation and greater survivability. Symmetric encryption session keys generated by distributed pseudo-random function techniques provide confidential client-server communications. This paper overviews the ITDOS architecture, discusses some of the challenging technical issues related to intrusion tolerance in heterogeneous middleware systems, and offers views on future areas of work.
  • Keywords
    client-server systems; data privacy; distributed object management; fault tolerant computing; multicast communication; protocols; security of data; Byzantine Fault Tolerant multicast protocol; ITDOS research project; Intrusion Tolerant Distributed Object Systems; confidential client-server communications; distributed pseudo-random function techniques; heterogeneous intrusion tolerant CORBA system; high-availability services; high-integrity; middleware; open-source CORBA ORB; replicated servers; survivability; symmetric encryption session keys; Computer architecture; Computer science; Computer security; Cryptography; Fault tolerance; Information systems; Middleware; Multicast protocols; Open source software; Voting;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Dependable Systems and Networks, 2002. DSN 2002. Proceedings. International Conference on
  • Print_ISBN
    0-7695-1101-5
  • Type

    conf

  • DOI
    10.1109/DSN.2002.1028905
  • Filename
    1028905