Proactive Resilience Revisited: The Delicate Balance Between Resisting Intrusions and Remaining Available

Author

Sousa, Paulo ; Neves, Nuno Ferreira ; Veríssimo, Paulo ; Sanders, William H.

Author_Institution

Lisboa Univ.

fYear

2006

fDate

2-4 Oct. 2006

Firstpage

71

Lastpage

82

Abstract

In a recent paper, we presented proactive resilience as a new approach to proactive recovery, based on architectural hybridization. We showed that, with appropriate assumptions about fault rate, proactive resilience makes it possible to build distributed intrusion-tolerant systems guaranteed not to suffer more than the assumed number of faults during their lifetime. In this paper, we explore the impact of these assumptions in asynchronous systems, and derive conditions that should be met by practical systems in order to guarantee long-lived, i.e., available, intrusion-tolerant operation. Our conclusions are based on analytical and simulation results as implemented in Mobius, and we use the same modeling environment to show that our approach offers higher resilience in comparison with other proactive intrusion-tolerant system models

Keywords

distributed processing; security of data; system recovery; Mobius; architectural hybridization; asynchronous systems; distributed intrusion-tolerant systems; intrusion resilience; proactive recovery; proactive resilience; Analytical models; Computer crime; Electronic government; Informatics; Laboratories; Large-scale systems; Online services; Resilience; Resists; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

Reliable Distributed Systems, 2006. SRDS '06. 25th IEEE Symposium on

Conference_Location

Leeds

ISSN

1060-9857

Print_ISBN

0-7695-2677-2

Type

conf

DOI

10.1109/SRDS.2006.37

Filename

4032470