intrusionToler-nneves09

intrusionToler-nneves09 - Increasing Security Through g y g...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
Increasing Security Through Intrusion Tolerance Nuno Ferreira Neves Approaches to Improve Security ± Prevention ² Harden the system at design time to avoid known forms of attack ± Detection and Recovery ² Monitor behavior of the system, and react manually or automatically to eliminate the propagation of the attack/intrusion ± Tolerance ² Mask the intrusion in the system or gracefully degrade the service ± Deterrence ² Provide legal disincentives
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Motivation and Objectives ± Traditionally security aims at preventing bad things from occurring ± Unfortunately, systems are built by humans ² and humans are not perfect, i.e. they make mistakes, specially nowadays where systems are becoming more complex and larger ² mistakes can appear in all phases of development, from design to deployment, and result in security vulnerabilities ² attackers are quite skilled at finding and exploiting these vulnerabilities and when they do it there is an intrusion vulnerabilities, and when they do it, there is an intrusion ± Current practice deals with this problem with detection and human intervention, but this can be too slow ± Systems should be able to automatically tolerate accidental failures and intrusions and continue operational, without requiring time-consuming and potentially error-prone repair actions by system administrators PERSPECTIVES AS AN INTRUSION-TOLERANT SYSTEM
Background image of page 2
Perspectives (1 Notary Hosts Perspectives (1) 2 Read req est for a ser ice N1 (or Servers) Network Service 2 - Read request for a service key goes to a subset of the notaries N2 1 - New key 3 - Responses are returned from a subset of notaries, and then the client decides what to do with the key N3 N4 - Notaries maintain state (or historic data) about service keys - Clients use local policies to determine if they accept or not the key Can clients tolerate intrusions in the notaries? How and how many? Can we generalize these ideas to make any service intrusion tolerant? Perspectives (2 Notary Hosts Perspectives (2) 1 – Periodically request the the current version of the key N1 (or Servers) Network Service 2 – Get the new key and update the key N2 information N3 Perspectives aware N4 services can request the update of the key -Since notaries decide independently when to request the keys, the data kept in the servers is loosely synchronized Does this create a problem for perspectives? How is it addressed? Imagine that servers keep your bank account. Would this create a problem?
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Bank Scenario 1 – Cashier A deposits some amount in server S1 S1 Bank Servers Cashier A 2 – Server S1 performs the operation and responds OK S2 S3 Later – Cashier A performs the same update on the other servers 3 Cashier A reads the S4 Account data is replicated across servers 3 – Cashier A reads the account balance from the servers Cashier B 4 – Servers respond with their current value and then cashier B selects the actual value; Depending on which updates have already been done , she will let or not let you withdraw some money Would you apply perspectives approach to this scenario?
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/31/2009 for the course ECE 18731 taught by Professor Perrig during the Spring '08 term at Carnegie Mellon.

Page1 / 17

intrusionToler-nneves09 - Increasing Security Through g y g...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online