Intrusion tolerance in distributed computing systems

Author

Deswarte, Yves ; Blain, Laurent ; Fabre, Jean-Charles

Author_Institution

LAAS-CNRS, INRIA, Toulouse, France

fYear

1991

fDate

20-22 May 1991

Firstpage

110

Lastpage

121

Abstract

An intrusion-tolerant distributed system is a system which is designed so that any intrusion into a part of the system will not endanger confidentiality, integrity and availability. This approach is suitable for distributed systems, because distribution enables isolation of elements so that an intrusion gives physical access to only a part of the system. In particular, the intrusion-tolerant authentication and authorization servers enable a consistent security policy to be implemented on a set of heterogeneous, untrusted sites, administered by untrusted (but nonconspiring) people. The authors describe how some functions of distributed systems can be designed to tolerate intrusions. A prototype of the persistent file server presented has been successfully developed and implemented as part of the Delta-4 project of the European ESPRIT program

Keywords

data integrity; distributed processing; file servers; security of data; Delta-4 project; European ESPRIT program; authorization servers; consistent security policy; distributed computing systems; intrusion-tolerant authentication; intrusion-tolerant distributed system; persistent file server; untrusted sites; Access control; Authentication; Authorization; Computer crime; Computer networks; Computer security; Distributed computing; File servers; Protocols; Workstations;

fLanguage

English

Publisher

ieee

Conference_Titel

Research in Security and Privacy, 1991. Proceedings., 1991 IEEE Computer Society Symposium on

Conference_Location

Oakland, CA

Print_ISBN

0-8186-2168-0

Type

conf

DOI

10.1109/RISP.1991.130780

Filename

130780