Regulatory Architecture Based On Intrusion Tolerance Technology

The attack techniques are getting more and more sophisticated.And attack events are becoming more and more frequent.these attacks impact the network security seriously.Despite efforts over many years to provide defenses against computer and network attacks,attacks still succeed with painful frequency.Many of the techniques devised to build more secure systems,such as,access control and IDS etc.Due to timeliness or cose,these techniques are not appropriate for most applications.A growing recognition is that a variety of mission critical applications need to continue to operate or provide a minimal level of servicess even when they are under attack or have been partially compromised; hence the need for intrusion tolerance.An intrusion-tolerant system is capable of self-diagnosis ,repair,and reconstitution,while continuing to provide service to legitimate clients(with possible degradation) in the presence of intrusions.This paper describes the conceptual architecture of such a system,and our experience with its initial implementation.This system consists of IDS subsystem,policy management subsystem and monitoring administration subsystem.It prevents service from being penetrated through networking,system,application level respectively.Two related projects,Intrusion Tolerance by Unpredictable Adaptation(ITUA),A Scalable Intrusion Tolerant Architecture for Distributed Services(SITAR),are analyzed firstly.Then,according to the requirements of Monitoring Administration System(MAS),new techniques such as Adaptive Reconfiguration,Intrusion Detection,policy Analysis are addressed and implemented.The achievements of this research include the design and implementation of a MAS prototype.In the design of the prototype,architecture and program structure are presented.In conclusion, an architecture which integrates many kinds of detection methods and security polices is proposed. And an idea is presented that we need to shift attention from attacks or attacker themselves to the target of protection,which is inherently tied to the functions and services being provided.