Extraction and Specification of Requirements for Intrusion Tolerant Software Modeling

침입감내 소프트웨어 모델링을 위한 요구사항 추출 및 명세

  • Published : 2004.03.01

Abstract

Current distributed systems are attacked from the outside as well as in which new intrusions are occurred. In particular there is a growing but largely unnoticed intrusion threat due to the emerging middleware technologies such as CORBA, WAP, XML support, and enterprise application integrators. In order to cope with these attacks, intrusion tolerance technology is introduced. Intrusion tolerance technology means that it can provide services normally although attacks are occurred into system. There are intrusion tolerance architectures such as ITUA, HACQIT, SITAR, and so on as a part of DARPA project. In this paper, we analyze and discuss existing intrusion tolerance architectures with respect to intrusion tolerance technology. Also, we extract intrusion tolerant requirements, which are required to develop ,intrusion tolerant system. We propose UML-IT(Intrusion Tolerance) profiles and specify intrusion tolerant software by applying UML-IT profiles.

Keywords

References

  1. Proceedings of the 2002 International Conference on Dependable Systems & Networks Developing a Heterogeneous Intrusion Tolerant CORBA System Sames,D.(et al.)
  2. IEEE Symp. on Research in Security and Privacy Intrusion Tolerance in Distributed Systems Deswarte,Y.(et al.)
  3. Proceedings of the IEEE International Symposium on Security and Privacy Intrusion-tolerant Enclaves Dutertre,B.;Crettaz,V.;Stavridou,V.
  4. Proc. of the ICDSN 2002 Supplementary Providing Intrusion Tolerance with ITUA Courtney,T.(et al.)
  5. Supplement of the 201 International Conference on Dependable Systems and Networks Intrusion Telerance Approaches in ITUA Cukier,M.(et al.)
  6. Proceedings of the International Conference on Dependable Systems and Networks (DSN'02) The Design andImplementation of an Intrusion Tolerant System Reynolds,J.(et al.)
  7. 17th Annual Computer Security Applications Conference HACQIT (Hierarchical Adaptive Control of QoS for Intrustion Tolerance) Just,J.E.;Reynolds,J.C.
  8. Proc, of the ICDSN 2002 Supplementary Design and Implementation of SITAR Architecture: A Status Report Wang,F.;Killian,C.
  9. IEEE 2nd SMC Information Assurance Workshop SITAR: A Scalable Intrusion Tolerance Architecture for Distributed Server Wang,F.;Gong,F.;Sargor,C.;Goseva-Popstojanova,K.;Trivedi,K.;Jou,F.
  10. DI/FCUL TR 99-6, Department of Computer Science, University of Lisboa The Middleware architecture of MAFTIA: A Blueprint Neves,N.F.;Verissimo,P.
  11. Project MAFTIA IST-1999-11583 deliverable D21 Conceptual Model and Architecture of MAFTIA Adelsbach,A.(et al.)
  12. Sup. of the 2001 International Conference on Dependable Systems and Networks (DSN2001) MAFTIA (Malicious- and Accidental-Fault Tolerance for Internet Applications) Powell,D.(et al.)