An Intrusion-Tolerant Web Server based on the DISTRACT Architecture

Rafael Ferraz, Bruno Gonçalves, João Sequeira, Miguel Correia, Lau Cheuk Lung, Nuno Ferreira Neves, Paulo Veríssimo

Workshop on Dependable Distributed Data Management, in conjuction with SRDS'04, Florianopolis, Brasil, pages 45-50, October 2004.

Keywords: Intrusion Tolerance, Fault-Tolerant Protocols, Secure Systems, Distributed Fault-Tolerance, Byzantine Protocols, Security, Dependability, World Wide Web

Abstract

The Web Server is currently the most widely deployed type of distributed data server. This paper presents an intrusion-tolerant web server based on the Deterministic IntruSion ToleRance ArChiTecture (DISTRACT), which is also introduced. The objective of this architecture is to support fault- and intrusion-tolerant services based on the state machine approach. DISTRACT uses a set of intrusion-tolerant protocols based on the TTCB, a secure and synchronous distributed component.

This paper reports on the first implementation of an intrusion-tolerant replicated service based on the TTCB. The solution proposed requires no modifications either on the clients or the servers, which are respectively web browsers and standard web servers. An evaluation of the performance of the replicated web server is provided.

BibTeX

@InProceedings{wddddm:04,
    author = "R. Ferraz and B. Goncalves and J. Sequeira and M. Correia and N. F. Neves and P. Ver\'{\i}ssimo",
    title       = "An Intrusion-Tolerant Web Server based on the {DISTRACT} Architecture",
    booktitle = "Proc. of the Workshop on Dependable Distributed Data Management",
    address = "Florianopolis, Brazil",
    month       = oct,
    year    = 2004
}

Preprint

Download the pdf.