Title :
A qualitative analysis of the intrusion-tolerance capabilities of the MAFTIA architecture
Author :
Stroud, Robert ; Welch, Ian ; Warne, John ; Ryan, Peter
Author_Institution :
Sch. of Comput. Sci., Newcastle Univ., Newcastle upon Tyne, UK
fDate :
28 June-1 July 2004
Abstract :
MAFTIA was a three-year European research project that explored the use of fault-tolerance techniques to build intrusion-tolerant systems. The MAFTIA architecture embodies a number of key design principles for building intrusion-tolerant systems, such as the notion of distributing trust throughout the system and limiting the extent to which individual components are trusted, and the aim of this paper is to illustrate these principles and demonstrate MAFTIA s intrusion-tolerance capabilities by showing how MAFTIA mechanisms and protocols might be deployed in a realistic context. We discuss the relationship between intrusion tolerance and fault tolerance, and then describe how the MAFTIA architecture could be used to build an intrusion-tolerant version of a hypothetical e-commerce application. Using fault trees, we analyse possible attack scenarios and show how MAFTIA mechanisms protect against them. We conclude the paper with a discussion of related work and identify areas for future research.
Keywords :
Internet; authorisation; electronic commerce; fault tolerance; fault trees; MAFTIA architecture; attack scenarios; e-commerce; fault trees; intrusion tolerance; trust distribution; Application software; Buildings; Computer architecture; Fault tolerance; Fault tolerant systems; Fault trees; Internet; Protection; Protocols; Radio access networks;
Conference_Titel :
Dependable Systems and Networks, 2004 International Conference on
Print_ISBN :
0-7695-2052-9
DOI :
10.1109/DSN.2004.1311915
