D. Arsenault scite author profile

It is well-understood that increasing redundancy in a system generally improves the availability and dependability of the system. In server clusters, one important form of redundancy is spare servers. Cluster security, while universally recognized as an important subject in its own right, has not often been associated with the issue of redundancy.In prior work, we developed a Self-Cleansing Intrusion Tolerance (SCIT) architecture that strengthens cluster security through periodic server rotations and self-cleansing. In this work, 1 we consider the servers in the cleansing mode as redundant, spare hardware and develop a unified control algorithm that manages the requirements of both security and service availability. We will show the advantages of our algorithm in the following areas: (1) Intrusion tolerance through constant server rotations and cleansing, (2) Survivability in events of server failures, (3) Guarantee of service availability as long as the cluster has a minimum number of functioning servers, and (4) Scalability, the support of using high degrees of hardware/server redundancy to improve security and fault tolerance. We provide proofs for important properties of the proposed algorithm. The effects of varying degrees of server redundancy in reducing attack windows are investigated through simulation.

show abstract

Incorruptible System Self-Cleansing for Intrusion Tolerance

Huang

Arsenault

Sood

View full text Add to dashboard Cite

 Despite the increased focus on security, critical information systems remain vulnerable to cyber attacks. The problem stems in large part from the constant innovation and evolution of attack techniques. The trend lends importance to the concept of intrusion tolerance: a critical system must fend off or at least limit the damage caused by unknown and/or undetected attacks. In prior work, we developed a Self-Cleansing Intrusion Tolerance (SCIT) architecture that achieves the above goal by constantly cleansing the servers and rotating the role of individual servers. In this paper, we show that, with simple hardware enhancements strategically placed in a SCIT system, incorruptible intrusion containment can be realized. We then present an incorruptible SCIT design for use by one of the most critical infrastructures of the Internet, the domain name services.It is our belief that incorruptible intrusion containment as presented here constitutes a new, effective layer of system defense for critical information systems.

show abstract

Incorruptible Self-Cleansing Intrusion Tolerance and Its Application to DNS Security

Huang¹,

Arsenault²,

Sood

2006

JNW

View full text Add to dashboard Cite

Despite the increased focus on security, critical information systems remain vulnerable to cyber attacks. The trend lends importance to the concept of intrusion tolerance: there is a high probability that systems will be successfully attacked and a critical system must fend off or at least limit the damage caused by unknown and/or undetected attacks. In prior work, we developed a Self -Cleansing Intrusion Tolerance (SCIT) architecture that achieves the above goal by constantly cleansing the servers and rotating the role of individual servers. In this paper1, we show that SCIT operations can be incorruptibly enforced with hardware enhancements. We then present an incorruptible SCIT design for use by one of the most critical infrastructures of the Internet, the domain name systems. We will show the advantages of our designs in the following areas: (1) incorruptible intrusion tolerance, (2) high availability, (3) scalability, the support for using high degrees of hardware/server redundancy to improve both system security and service dependability, and (4) in the case of SCIT-based DNSSEC, protection of the DNS master file and cryptographic keys. It is our belief that incorruptible intrusion tolerance as presented here constitutes a new, effective layer of system defense for critical information systems.

show abstract

Securing DNS services through system self cleansing and hardware enhancements

Huang

Arsenault

Sood

2006

View full text Add to dashboard Cite

--Domain Name Systems (DNS) provide the mapping between easily-remembered host names and their IP addresses. Popular DNS implementations however contain vulnerabilities that are exploited by frequent, targeted attacks. The software vulnerabilities of DNS together with the constant innovation and morphing of cyber attack techniques necessitate the consideration of the worst case scenarios: there will be successful but undetected attacks against DNS servers.In this work 1 we develop a secure DNS architecture that contains the damage of successful, undetected attacks. This formidable end is achieved by constantly cleansing the servers and rotating the role of individual servers. Moreover, the server rotation process itself is protected against corruption by hardware. We will show the advantages of our design in the following areas: (1) protection of the DNS master file and cryptographic keys, (2) incorruptible intrusion tolerance, (3) high availability, and (4) scalability, the support of using of high degrees of hardware/server redundancy to improve both system security and service dependability. Due to the critical importance of DNS, such a dependable and intrusion-resilient design contributes significantly to the overall security of the Internet.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

D. Arsenault

Secure, Resilient Computing Clusters: Self-Cleansing Intrusion Tolerance with Hardware Enforced Security (SCIT/HES)

Closing cluster attack windows through server redundancy and rotations

Incorruptible System Self-Cleansing for Intrusion Tolerance

Incorruptible Self-Cleansing Intrusion Tolerance and Its Application to DNS Security

Securing DNS services through system self cleansing and hardware enhancements

Contact Info

Product

Resources

About