intrusionToler-nneves09

intrusionToler-nneves09 - Increasing Security Through g y g...

Info icon This preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
Increasing Security Through Intrusion Tolerance Nuno Ferreira Neves Approaches to Improve Security Prevention Harden the system at design time to avoid known forms of attack Detection and Recovery Monitor behavior of the system, and react manually or automatically to eliminate the propagation of the attack/intrusion Tolerance Mask the intrusion in the system or gracefully degrade the service service Deterrence Provide legal disincentives
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Motivation and Objectives Traditionally security aims at preventing bad things from occurring Unfortunately, systems are built by humans and humans are not perfect, i.e. they make mistakes, specially nowadays where systems are becoming more complex and larger mistakes can appear in all phases of development, from design to deployment, and result in security vulnerabilities attackers are quite skilled at finding and exploiting these vulnerabilities and when they do it there is an intrusion vulnerabilities, and when they do it, there is an intrusion Current practice deals with this problem with detection and human intervention, but this can be too slow S stems sho ld be able to a tomaticall tolerate accidental Systems should be able to automatically tolerate accidental failures and intrusions and continue operational, without requiring time-consuming and potentially error-prone repair actions by system administrators PERSPECTIVES AS AN PERSPECTIVES AS AN INTRUSION-TOLERANT SYSTEM
Image of page 2
Perspectives (1) Notary Hosts 2 Read req est for a ser ice N1 (or Servers) Network Service 2 - Read request for a service key goes to a subset of the notaries N2 1 - New key 3 - Responses are returned from a subset of notaries, and then the client decides what to do with the key N3 N t i i t i t t ( hi t i d t ) b t i k N4 - Notaries maintain state (or historic data) about service keys - Clients use local policies to determine if they accept or not the key Can clients tolerate intrusions in the notaries? How and how many? Can we generalize these ideas to make any service intrusion tolerant? Perspectives (2) Notary Hosts 1 – Periodically request the the current version of the key N1 (or Servers) Network Service 2 – Get the new key and update the key N2 information N3 Perspectives aware N4 services can request the update of the key Si t i d id i d d tl h t t th k th d t -Since notaries decide independently when to request the keys, the data kept in the servers is loosely synchronized Does this create a problem for perspectives? How is it addressed? Imagine that servers keep your bank account. Would this create a problem?
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon