Intrusion tolerant middleware

The increased reliance of applications on the software infrastructure to support distributed operations is creating new intrusion threats. In particular, there is a growing (but largely unnoticed) intrusion threat due to the emerging middleware technologies, such as CORBA, WAP, XML support, enterprise application integrators and Internet telephony middleware. The situation is grave because the emerging middleware technologies are relatively immature but have a high potential of use in current and future civilian and military systems. This paper shows a practical analysis of the intrusion threats introduced due to the increased reliance of current and future mission-critical applications on emerging middleware. A great deal of effort is needed to fill the gap between where we are and where we need to be. In particular, a technique called FRS (fragmentation, redundancy, scattering) needs particular attention because it is central to intrusion tolerance. An important area of work is to improve FRS and imbed it in existing middleware platforms. Work in developing an intelligent compensating middleware (ICM) that includes FRS as a compensating feature for existing commercial off-the-shelf (COTS) middleware is discussed. This research is being conducted at Telcordia Technologies under the ICM Project (BAA0015), funded by DARPA. Initial results from this project are included