Title :
Intrusion tolerance in distributed computing systems
Author :
Deswarte, Yves ; Blain, Laurent ; Fabre, Jean-Charles
Author_Institution :
LAAS-CNRS, INRIA, Toulouse, France
Abstract :
An intrusion-tolerant distributed system is a system which is designed so that any intrusion into a part of the system will not endanger confidentiality, integrity and availability. This approach is suitable for distributed systems, because distribution enables isolation of elements so that an intrusion gives physical access to only a part of the system. In particular, the intrusion-tolerant authentication and authorization servers enable a consistent security policy to be implemented on a set of heterogeneous, untrusted sites, administered by untrusted (but nonconspiring) people. The authors describe how some functions of distributed systems can be designed to tolerate intrusions. A prototype of the persistent file server presented has been successfully developed and implemented as part of the Delta-4 project of the European ESPRIT program
Keywords :
data integrity; distributed processing; file servers; security of data; Delta-4 project; European ESPRIT program; authorization servers; consistent security policy; distributed computing systems; intrusion-tolerant authentication; intrusion-tolerant distributed system; persistent file server; untrusted sites; Access control; Authentication; Authorization; Computer crime; Computer networks; Computer security; Distributed computing; File servers; Protocols; Workstations;
Conference_Titel :
Research in Security and Privacy, 1991. Proceedings., 1991 IEEE Computer Society Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-2168-0
DOI :
10.1109/RISP.1991.130780
