• Title/Summary/Keyword: Intrusion tolerance

Search Result 40, Processing Time 0.024 seconds

Extraction and Specification of Requirements for Intrusion Tolerant Software Modeling (침입감내 소프트웨어 모델링을 위한 요구사항 추출 및 명세)

  • 조은숙;이강신
    • Journal of the Korea Society for Simulation
    • /
    • v.13 no.1
    • /
    • pp.51-63
    • /
    • 2004
  • Current distributed systems are attacked from the outside as well as in which new intrusions are occurred. In particular there is a growing but largely unnoticed intrusion threat due to the emerging middleware technologies such as CORBA, WAP, XML support, and enterprise application integrators. In order to cope with these attacks, intrusion tolerance technology is introduced. Intrusion tolerance technology means that it can provide services normally although attacks are occurred into system. There are intrusion tolerance architectures such as ITUA, HACQIT, SITAR, and so on as a part of DARPA project. In this paper, we analyze and discuss existing intrusion tolerance architectures with respect to intrusion tolerance technology. Also, we extract intrusion tolerant requirements, which are required to develop ,intrusion tolerant system. We propose UML-IT(Intrusion Tolerance) profiles and specify intrusion tolerant software by applying UML-IT profiles.

  • PDF

A Study on the Intrusion Tolerance System Applied to the Object Oriented Middleware Environment

  • Shin Seung Jung;Kim Young Soo;Kim Jung Tae;Ryu Dae Hyun;Na Jong Whoa
    • Proceedings of the IEEK Conference
    • /
    • 2004.08c
    • /
    • pp.693-698
    • /
    • 2004
  • The cyber attacks on the computer system in nowadays are focused on works that do not operate specific application. The main key point that we protect information security system has an access control to keep an application. Most of system has a main function to protect an infrastructure such as hardware, network and operating system. In this paper, we have presented an intrusion tolerance system that can service an application in spite of cyber attacks. The proposed system is based on the middle ware integrating security mechanism and separate function of application and intrusion tolerance. The main factor we use security system in nowadays is service to keep a persistency. The proposed intrusion tolerance system is applicable to such as medical, national defense and banking system.

  • PDF

A Study on the Intrustion Tolerance System Applied To the Security System

  • Shin Seung-jung;Kim Jung-tae;Ryu Dae-hyun;Na Jong-Whoa
    • Journal of information and communication convergence engineering
    • /
    • v.3 no.1
    • /
    • pp.38-42
    • /
    • 2005
  • The cyber attacks on the computer system in nowadays are focused on works that do not operate specific application. The main key point that we protect information security system has an access control to keep an application. Most of system has a main function to protect an infrastructure such as hardware, network and operating system. In this paper, we have presented an intrusion tolerance system that can service an application in spite of cyber attacks. The proposed system is based on the middle ware integrating security mechanism and separate function of application and intrusion tolerance. The main factor we use security system in nowadays is service to keep a persistency. The proposed intrusion tolerance system is applicable to such as medical, national defense and banking system.

A Development Technique for Application Software Based on Intrusion Tolerant Requirements (침입감내 요구사항을 수용한 응용 소프트웨어 개발)

  • Kim Chul Jin;Lee Sook Hee;Cho Eun Sook
    • Journal of Korea Multimedia Society
    • /
    • v.8 no.2
    • /
    • pp.233-248
    • /
    • 2005
  • An intrusion tolerant technology has been introduced as a solution to prevent intrusion accident for unknown fragility or attack. However, a systematic modeling technique is not applied into a system design and development based on intrusion tolerant technology. Especially, elements such as availability, integrity, reliability, confidentiality, and so on are important requirements in intrusion tolerant system. Nevertheless, current most of UML-based modeling techniques pass over or don't provide design techniques reflecting those requirements. Therefore, we know these weaknesses and propose both profile and design technique reflecting and applying intrusion tolerant requirements systematically in the development of application software based on intrusion tolerance. We expect that proposed technique can extend not only current UML's limitations but also can improve the quality of application software based on intrusion tolerance.

  • PDF

Design and Implementation of Security System Based on Intrusion Tolerance Technology : Focus on Wargame System (침입감내기술 기반의 보안시스템 설계 및 구현 : 워게임체계를 중심으로)

  • Lee, Gang-Tack;Lee, Dong-Hwi;J. Kim, Kui-Nam
    • Convergence Security Journal
    • /
    • v.5 no.4
    • /
    • pp.41-48
    • /
    • 2005
  • Objective of this study is to design and implement security system based on intrusion tolerance technology for the improvement of dependability in defense system. In order to do so, I identify and extract core technologies through the research and analysis into characteristics, structures, main functions, and technologies of intrusion tolerance architecture. And I accomplish a design of security system through the redundant system based on these core technologies. To implement and verify intrusion tolerance system, I chose 'wargame system' as a subjected system, and accomplished 'Wargame Intrusion Tolerance System' and verified security required functions through a performance test. By applying showed security system into the development of application software based on intrusion tolerance, systematic and efficient system could be developed. Also applying 'WITDS' can solve the current security problems, and this will be basic model for design of security architecture in the federation system after.

  • PDF

Adaptive Intrusion Tolerance Model and Application for Distributed Security System (분산보안시스템을 위한 적응형 침입감내 모델 및 응용)

  • 김영수;최흥식
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.6C
    • /
    • pp.893-900
    • /
    • 2004
  • While security traditionally has been an important issue in information systems, the problem of the greatest concern today is related to the availability of information and continuity of services. Since people and organizations now rely on distributed systems in accessing and processing critical services and mission, the availability of information and continuity of services are becoming more important. Therefore the importance of implementing systems that continue to function in the presence of security breaches cannot be overemphasized. One of the solutions to provide the availability and continuity of information system applications is introducing an intrusion tolerance system. Security mechanism and adaptation mechanism can ensure intrusion tolerance by protecting the application from accidental or malicious changes to the system and by adapting the application to the changing conditions. In this paper we propose an intrusion tolerance model that improves the developmental structure while assuring security level. We also design and implement an adaptive intrusion tolerance system to verify the efficiency of our model by integrating proper functions extracted from CORBA security modules.

Research on Network Design for Intrusion Tolerance of BcN (BcN에서의 침입감내를 위한 네트워크 디자인 연구)

  • Park, Hyun-Do;Kim, Soo;Lee, Hee-Jo;Im, Chae-Tae;Won, Yoo-Jae
    • Journal of KIISE:Information Networking
    • /
    • v.34 no.5
    • /
    • pp.305-315
    • /
    • 2007
  • Broadband Convergence Network (BcN) is the network which unifies telephone network, the Internet and broadcasting networks. Threats to each network can bring serious problems in BcN environment since the whole network can be damaged by various types of attack. The purpose of this study is to suggest the prototype of intrusion-tolerant network design of BcN to guarantee the continuous operation of BcN services against malicious attacks. First, BcN service components, selected by analysis of service time and coverage importance, are classified into three groups by their type: server type, gateway type and hybrid type. Second, the necessity of applying intrusion tolerance on BcN services is deduced by possible attack scenarios on BcN. Finally, we suggest the intrusion-tolerant network design suitable to BcN, using hardware redundancy and secure policies. Also, we present that the suggested network design can increase the intrusion tolerance of BcN.

Classification of the Intrusion Tolerant Systems and Integrated Framework for Survivability Enhancement (생존성 강화를 위한 침입감내 시스템의 분류와 통합 프레임워크 제안)

  • Kim, Gi-Han;Chio, Myeong-Ryeoi;Lee, Kyung-Whan
    • The KIPS Transactions:PartC
    • /
    • v.10C no.3
    • /
    • pp.295-304
    • /
    • 2003
  • Currently security researchers focus on protection of program and data from malicious users and accidents. Therefore, many firewalls and intrusion detection systems have been developed commercially. The intrusion tolerance is a new concept that is the last line of defense for the information survivability. It emphasizes availability and integrity to provide critical system services continuously even when system is compromised. In this paper, we classify current intrusion tolerant technologies from the point of view of program and data. Furthermore, we propose an integrated framework that supports intrusion tolerance of program and data.

A Dependability Analysis of the Group Management Protocol for Intrusion Tolerance of Essential Service (필수 서비스의 침입감내를 위한 그룹관리 프로토콜의 신뢰성 분석)

  • Kim, Hyung-Jong;Lee, Tai-Jin
    • Journal of the Korea Society for Simulation
    • /
    • v.16 no.1
    • /
    • pp.59-68
    • /
    • 2007
  • IT (Intrusion Tolerant) technology is for guaranteeing the availability of service for certain amount time against the attacks which couldn't be prevented by the currently deployed information security countermeasures. IT (Intrusion Tolerant) technology mainly makes use of the replication of service and system fur enhancing availability, and voting scheme and GMP (Croup Management Protocol) are used for the correctness of service. This paper presents a scheme to analyze dependability of IT (Intrusion Tolerant) technology through probabilistic and simulation method. Using suggested analysis scheme, we can analyze the robustness and make a sensible trade-offs in of IT (Intrusion Tolerant) technology.

  • PDF

A Vulnerability Analysis of Intrusion Tolerance System using Self-healing Mechanism (자가치유 메커니즘을 활용한 침입감내시스템의 취약성 분석)

  • Park, Bum-Joo;Park, Kie-Jin;Kim, Sung-Soo
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.32 no.7
    • /
    • pp.333-340
    • /
    • 2005
  • One of the most important core technologies required for the design of the ITS (Intrusion Tolerance System) that performs continuously minimal essential services even when the network-based computer system is partially compromised because of the external or internal intrusions is the quantitative dependability analysis of the ITS. In this paper, we applied self-healing mechanism, the core technology of autonomic computing to secure the protection power of the ITS. We analyzed a state transition diagram of the ITS composed of a Primary server and a backup server utilizing two factors of self-healing mechanism (fault model and system response) and calculated the availability of ITS through simulation experiments and also performed studies on two cases of vulnerability attack.