Intrusion Tolerance Techniques

Intrusion Tolerance Techniques

DOI: 10.4018/978-1-5225-7492-7.ch021
(Individual Chapters)
No Current Special Offers


The authors believe that the research and development of intrusion tolerant systems will gain more momentum as more and more services are offered online. The expectation of such services is high, considering their essential roles in everyday operations of businesses and individuals as well. The impact of service unavailability and security breaches will only grow more serious. In this chapter, the authors survey the state-of-the-art techniques for building intrusion-tolerant systems. They also illustrate a few of the most urgent open issues for future research. Finally, they point out that to build secure and dependable systems we need a concerted effort in intrusion prevention, intrusion detection, and intrusion tolerance.
Chapter Preview


In this section, we introduce some basic security and dependability concepts and techniques related to intrusion tolerance. A secure information system is one that exhibits the following properties (Pfleeger & Pfleeger, 2002):

  • Confidentiality: Only authorized users have access to the information.

  • Integrity: The information can be modified only by authenticated users in authorized ways. Any unauthorized modification can be detected.

  • Availability: The information is available whenever a legitimate user wants to access it.

Confidentiality is often achieved by using encryption, authentication, and access control. Encryption is a reversible process that scrambles a piece of plaintext into something uninterpretable. Encryption is often parameterized with a security key. To decrypt, the same or a different security key is needed. Authentication is the procedure to verify the identity of a user that wants to access confidential data. Access control is used to restrict what an authenticated user can access.

Integrity can be protected by using secure hash functions, message authentication code (MAC) and digital signatures. For data stored locally, including the application binary files, a checksum is often used as a way to verify data integrity. The checksum can be generated by applying an oneway secure hash transformation on the data. Before the data is accessed, one can verify its integrity by recomputing the checksum and comparing it with the original one. The integrity of a message transmitted over the network can be guarded by a MAC. A MAC is generated by hashing on both the original message and a shared secret key (and often with a sequence number as well). If it is tampered with, the message can be detected in a way similar to that for checksum. For stronger protection, a message can be signed by the sender. A digital signature is produced by first hashing the message using a secure hash function, and then encrypting the hash using the sender’s private key.

Complete Chapter List

Search this Book: