Theory And Approaches For Intrusion Tolerance

Nowadays, the need for highly secure, highly dependable computer systems is acute. There are a lot of techniques to achieve security in network. Intrusion-tolerance is one of the new techniques of using fault-tolerance to achieve security properties. It is an emerging approach to build survivable systems in recognizing that no system will be absolutely exempt from intrusions, and is considered as the ultimate defence of the information systems. Instead of focusing on intrusion prevention, it assumes that system vulnerabilities cannot be totally eliminated, and that external attackers or malicious insiders will identify and exploit these vulnerabilities and make illicit access to the system. Its aim is to design systems with the capacity to fulfil its primary missions in the presence of intrusion or partial compromising. This thesis is concerned with the research on the theory and methods of intrusion-tolerance and its applications. Some relevant models and system designs are presented in this thesis, including some intrusion-tolerant schemes, a computationally secure and intrusion-tolerant system design, and a novel approach to adaptive secure proactive secret sharing scheme. Besides, we present an authentication protocol against DoS attacks.This thesis makes several contributions, including:1. We contend that both areas, security and fault-tolerance, where the goals and methods overlap, shall not be examined in isolation to each other. We believe that the performance of security and fault-tolerance will be enhanced if the impact each can have on the other is considered. Intrusion-tolerance is a technique of combining both of fault-tolerance and security.2. We propose some intrusion-tolerant schemes by means of combination of secret sharing scheme and the knowledge proof. These schemes have the properties of simple structure and high security. The schemes ensure that the systems can provide reliable services even if some servers misbehave caused by adversaries or failures. Our analysis shows that the passive adversary cannot learn the information about secrets, and the active adversary cannot also disrupt the services.3. An approach to establish a computationally secure and intrusion-tolerant key distribution system is presented, which is built on both techniques of secret sharing scheme and knowledge proof. With the use of Object Z, We structure the system to fulfil their security requirement and to win the confidence of users of the model the security-critical systems. The specification is useful and helpful not only for improving...