• DocumentCode
    3218765
  • Title

    Intrusion tolerant software architectures

  • Author

    Stavridou, Victoria ; Dutertre, Bruno ; Riemenschneider, R.A. ; Saïdi, Hassen

  • Author_Institution
    Syst. Design Lab., SRI Int., Menlo Park, CA, USA
  • Volume
    2
  • fYear
    2001
  • fDate
    2001
  • Firstpage
    230
  • Abstract
    The complexity of the software systems built today virtually guarantees the existence of security vulnerabilities. When the existence of specific vulnerabilities becomes known - typically as a result of detecting a successful attack - intrusion prevention techniques such as firewalls and anti-virus software seek to prevent future attackers from exploiting these vulnerabilities. However, vulnerabilities cannot be totally eliminated, their existence is not always known and preventing mechanisms cannot always be built. Intrusion tolerance is a new concept, a new design paradigm, and potentially a new capability for dealing with residual security vulnerabilities. In this article, we describe our initial exploration of the hypothesis that intrusion tolerance is best designed and enforced at the software architecture level
  • Keywords
    security of data; software architecture; anti-virus software; design paradigm; firewalls; intrusion prevention techniques; intrusion-tolerant software architectures; residual security vulnerabilities; software system complexity; Buildings; Computer architecture; Contracts; Fault detection; Intrusion detection; Laboratories; National security; Protection; Software architecture; Software systems;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
  • Conference_Location
    Anaheim, CA
  • Print_ISBN
    0-7695-1212-7
  • Type

    conf

  • DOI
    10.1109/DISCEX.2001.932175
  • Filename
    932175