| Intrusion tolerance is the core of the third generation of information security technology for the purpose of survival, also in recent years a hot research field of information security. Different from firewall, intrusion detection and so on, what intrusion tolerance concerns is not the cause of the invasion, but the impact of the invasion on the system. The research goal of intrusion tolerance is when the system has been invaded, or even component or subsystem has collapsed or been controlled by an intruder, the system remains the capacity to maintain critical information and services of the whole system integrity, confidentiality and availability.Because the existing intrusion tolerant system model has poor adaptability, and does not consider self-recovery capability and response time, a distributed adaptive intrusion tolerant model with recovery and adaptive characteristics is proposed in this paper. The conception of response degree is proposed and the concept of intrusion tolerance degree (ITD) is perfected through quantitatively analyzing intrusion tolerant system data integrity, data confidentiality and system response speed. The new model has self-recovery ability, strong adaptability, and can provide continuous and reliable service. Relationships between the evaluation indicators (such as integrity degree, response degree, security degree and intrusion tolerance degree) and the factors (such as the number of servers, data backup number, threshold number, etc.) have been gotten by analyzing the model and simulating experiments. Simulation results show that compared with the current intrusion tolerance model, the new model has better intrusion tolerance.Because last model does not use the voting technology, a distributed adaptive intrusion tolerant model-based voting with recovery and adaptive characteristics is proposed in the rear section. In the process of the quantitative analysis of the model and simulation, three cases caused by interaction of threshold scheme and voting technology have been found. The impact of the voting technology on the evaluation indicators (such as integrity degree, response degree, security degree and intrusion tolerance degree) of model and relationships between the evaluation indicators and the factors have been analyzed in detail in these three cases. Experimental results show that compared with last model, this model has better integrity degree, security degree and intrusion tolerance degree. Finally, difference between this model and last model has been analyzed from the perspectives of both the operating mode of servers and the composition of intrusion tolerance degree. The advantages and disadvantages of each of the two models have been pointed out. These reasons which cause the advantages and disadvantages have been analyzed that provides a theoretical basis for selecting the appropriate model according to objective conditions. |
PDF Full Text Request