• DocumentCode
    3397820
  • Title

    Intrusion tolerant distributed object systems: project summary

  • Author

    Tally, Gregg ; Whitmore, Brent ; Sames, David ; Matt, Brian ; Niebuhr, Brian ; Bakken, David

  • Volume
    2
  • fYear
    2003
  • fDate
    22-24 April 2003
  • Firstpage
    149
  • Abstract
    Intrusion prevention mechanisms and technologies cannot always prevent a well-funded and persistent adversary from penetrating information systems. Middleware is one area where a system can provide intrusion tolerance. Distributed object middleware is considered the most general kind of middleware, and the Common Object Request Broker Architecture (CORBA) is a widely adopted standard for distributed object middleware. The goal of our Intrusion Tolerant Distributed Object Systems (ITDOS) framework is to create an architecture for distributed object systems that can provide high reliability for mission-critical information systems by tolerating Byzantine (arbitrary) faults in object servers. CORBA systems are one of the potential middleware architectures that can be supported by the architecture. From a system-level point of view, this architecture provides additional security in the form of a firewall proxy that can monitor Byzantine fault-tolerant multicast (BFTM) messages at the enclave boundary and minimize the impact of certain denial of service (DoS) attacks.
  • Keywords
    authorisation; distributed object management; middleware; multicast communication; software fault tolerance; Byzantine fault tolerance; Byzantine fault-tolerant multicast messages; CORBA; Common Object Request Broker Architecture; Intrusion Tolerant Distributed Object Systems framework; correct system operation; denial of service attacks; distributed object middleware; distributed object systems; distributed systems programming; firewall proxy; information systems penetration; intrusion prevention mechanisms; intrusion tolerance; intrusion tolerant distributed object systems; mission-critical systems; Computer architecture; Information security; Information systems; Laboratories; Middleware; Mission critical systems; Monitoring; Network servers; Programming profession; Voting;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    DARPA Information Survivability Conference and Exposition, 2003. Proceedings
  • Print_ISBN
    0-7695-1897-4
  • Type

    conf

  • DOI
    10.1109/DISCEX.2003.1194955
  • Filename
    1194955