DocumentCode
3218765
Title
Intrusion tolerant software architectures
Author
Stavridou, Victoria ; Dutertre, Bruno ; Riemenschneider, R.A. ; Saïdi, Hassen
Author_Institution
Syst. Design Lab., SRI Int., Menlo Park, CA, USA
Volume
2
fYear
2001
fDate
2001
Firstpage
230
Abstract
The complexity of the software systems built today virtually guarantees the existence of security vulnerabilities. When the existence of specific vulnerabilities becomes known - typically as a result of detecting a successful attack - intrusion prevention techniques such as firewalls and anti-virus software seek to prevent future attackers from exploiting these vulnerabilities. However, vulnerabilities cannot be totally eliminated, their existence is not always known and preventing mechanisms cannot always be built. Intrusion tolerance is a new concept, a new design paradigm, and potentially a new capability for dealing with residual security vulnerabilities. In this article, we describe our initial exploration of the hypothesis that intrusion tolerance is best designed and enforced at the software architecture level
Keywords
security of data; software architecture; anti-virus software; design paradigm; firewalls; intrusion prevention techniques; intrusion-tolerant software architectures; residual security vulnerabilities; software system complexity; Buildings; Computer architecture; Contracts; Fault detection; Intrusion detection; Laboratories; National security; Protection; Software architecture; Software systems;
fLanguage
English
Publisher
ieee
Conference_Titel
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location
Anaheim, CA
Print_ISBN
0-7695-1212-7
Type
conf
DOI
10.1109/DISCEX.2001.932175
Filename
932175
Link To Document