Title :
Building a distributed security defence system
Author :
Daskapan, S. ; Vree, W.G. ; Sol, H.G.
Author_Institution :
Delft Univ. of Technol., Netherlands
Abstract :
Given the complexity of infrastructures, current state of security technology and the limited budgets any security defense systems can be outnumbered by a sufficient number of random sequential failures, e.g. due to multiple DOS attacks. Complementary to the regular solutions where per node several identical dedicated nodes are added (i.e. redundants), a resource sharing approach between undedicated nodes is aimed to build a large scale cluster of redundants and approximate perpetual availability of security distributing nodes. In this work principles are acquired from related and unrelated fields to build a distributed defense system (DDS) that relies on resource sharing. The proposed protocol set, called Medusa, achieves this DDS by dissociating trust authority from identity and hardware, making trust a moveable emancipated commodity. As a moveable object trust can apply traditional fault tolerance techniques by process migration.
Keywords :
authorisation; fault tolerant computing; mobile agents; redundancy; distributed security defence system; fault tolerance techniques; infrastructures complexity; mobile agent; process migration; protocol set; random sequential failures; resource sharing approach; security distributing nodes; Authentication; Computer crime; Fault tolerant systems; Hardware; Immune system; Large-scale systems; Protocols; Redundancy; Resource management; Security;
Conference_Titel :
Systems, Man and Cybernetics, 2004 IEEE International Conference on
Print_ISBN :
0-7803-8566-7
DOI :
10.1109/ICSMC.2004.1401167