Title :
On the Effects of Finite Memory on Intrusion-Tolerant Systems
Author :
Veronese, Giuliana Santos ; Correia, Miguel ; Lung, Lau Cheuk ; Verissimo, Paulo
Author_Institution :
Univ. de Lisboa, Loria
Abstract :
Intrusion tolerance has been proposed as a new paradigm for computer systems security. The idea is to apply the fault tolerance paradigm in the domain of systems security accepting that malicious faults (attacks, intrusions) can never be entirely prevented, and that highly resilient systems have to tolerate these faults. Research in this area has produced a set of clever intrusion-tolerant protocols and systems (I/T protocols and I/T systems for short). However, we believe that an issue has been overlooked: that servers have, finite memory, so the number of messages that can be stored in their buffers is limited. Intuitively, this can be a problem in systems in which there are many messages being exchanged. Moreover, all of these systems assume that the environment is essentially asynchronous, i.e., that there are no bounds on communication and processing delays. Assuming this kind of model is very important in order to prevent the success of attacks against time.
Keywords :
fault tolerant computing; protocols; security of data; storage management; computer system security; finite memory; intrusion-tolerant protocol system; malicious fault; Buffer overflow; Buffer storage; Computer security; Delay; Fault tolerant systems; Filling; IP networks; Protocols; Scholarships; US Department of Transportation;
Conference_Titel :
Dependable Computing, 2007. PRDC 2007. 13th Pacific Rim International Symposium on
Conference_Location :
Melbourne, Qld.
Print_ISBN :
0-7695-3054-0
DOI :
10.1109/PRDC.2007.35
