Title :
A security evaluation of a novel resilient web serving architecture: Lessons learned through industry/academia collaboration
Author :
Huang, Yih ; Ghosh, Anup K. ; Bracewell, Tom ; Mastropietro, Brian
Author_Institution :
Center for Secure Inf. Syst., George Mason Univ., Fairfax, VA, USA
fDate :
June 28 2010-July 1 2010
Abstract :
We have previously developed a virtualization-based web serving architecture and a prototype to enhance web service resilience under cyber attack. The proposed system utilizes replicated virtual servers managed by a closed-loop feedback controller without humans in the loop. We have replicated the prototype at the Raytheon Company, which conducted a thorough penetration test and security examination. In this paper, we present the Resilient Web Service (RWS) and describe its security evaluation by Raytheon of a prototype implementation. We then present new research directions that address previous weaknesses and discuss the ongoing efforts of designing the next generation RWS architecture.
Keywords :
Web services; security of data; virtual machines; Raytheon company; closed-loop feedback controller; cyber attack; replicated virtual servers; resilient Web serving architecture; security evaluation; virtualization-based Web serving architecture; Adaptive control; Collaboration; Electrical equipment industry; Humans; Prototypes; Resilience; Security; Service oriented architecture; Virtual prototyping; Web services;
Conference_Titel :
Dependable Systems and Networks Workshops (DSN-W), 2010 International Conference on
Conference_Location :
Chicago, IL
Print_ISBN :
978-1-4244-7729-6
Electronic_ISBN :
978-1-4244-7728-9
DOI :
10.1109/DSNW.2010.5542597
