Abstract
|
In the past, some research has been done o … In the past, some research has been done on how to use
proactive recovery to build intrusion-tolerant replicated systems that are resilient to any number of faults, as long as recoveries are faster than an upper bound on fault production assumed at system deployment time. In this paper, we propose a complementary approach that enhances proactive recovery with additional reactive mechanisms giving correct replicas the capability of recovering
other replicas that are detected or suspected of being
compromised. One key feature of our proactive-reactive recovery approach is that, despite recoveries, it guarantees the availability of a minimum number of system replicas necessary to sustain correct operation of the system. We design a proactive-reactive recovery service based on a hybrid distributed system model and show, as a case study, how this service can effectively be used to increase the resilience of an intrusion-tolerant firewall adequate for the protection of critical infrastructures. he protection of critical infrastructures.
|
Author
|
Paulo Sousa +
, Alysson Bessani +
, Miguel Correia +
, Nuno Ferreira Neves +
, Paulo Verissimo +
|
Journal
|
IEEE Transactions on Parallel and Distributed Systems, vol. 21, no. 4, pp. 452-465, Apr. 2010. +
|
Key
|
Sousa10highly +
|
Month
|
apr +
|
NumPubDate
|
2,010.04 +
|
Project
|
Project:CRUTIAL +
, Project:REGENESYS +
|
ResearchLine
|
Fault And Intrusion Tolerance in Open Distributed Systems (FIT) +
|
Title
|
Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery +
|
Type
|
article +
|
Url
|
http://www.navigators.di.fc.ul.pt/archive/papers/ieeetpds-prrw-final-version.pdf +
|
Year
|
2010 +
|
Categories |
Publication +
|
Modification dateThis property is a special property in this wiki.
|
14 January 2013 14:40:58 +
|