Browse > Article

Research on Network Design for Intrusion Tolerance of BcN  

Park, Hyun-Do (고려대학교 컴퓨터학과)
Kim, Soo (고려대학교 컴퓨터학과)
Lee, Hee-Jo (고려대학교 컴퓨터학과)
Im, Chae-Tae (한국정보보호진흥원 기술기획팀)
Won, Yoo-Jae (한국정보보호진흥원 기술기획팀)
Publication Information
Journal of KIISE:Information Networking / v.34, no.5, 2007 , pp. 305-315 More about this Journal
Abstract
Broadband Convergence Network (BcN) is the network which unifies telephone network, the Internet and broadcasting networks. Threats to each network can bring serious problems in BcN environment since the whole network can be damaged by various types of attack. The purpose of this study is to suggest the prototype of intrusion-tolerant network design of BcN to guarantee the continuous operation of BcN services against malicious attacks. First, BcN service components, selected by analysis of service time and coverage importance, are classified into three groups by their type: server type, gateway type and hybrid type. Second, the necessity of applying intrusion tolerance on BcN services is deduced by possible attack scenarios on BcN. Finally, we suggest the intrusion-tolerant network design suitable to BcN, using hardware redundancy and secure policies. Also, we present that the suggested network design can increase the intrusion tolerance of BcN.
Keywords
BcN; Broadband Convergence Network; Intrusion tolerance; Redundancy; Policy server;
Citations & Related Records
연도 인용수 순위
  • Reference
1 이강신, 임채태, 이태진, 김형종, 이동훈, 'SITIS: Scalable Intrusion Tolerance Middleware for Internet Service Survivability,'Proc. IEEE PCM, 2004
2 James Reynolds, James Just, Ed Lawson, Larry Clough, Ryan Maglich, ;The Design and Implementation of an Intrusion Tolerant System,; Proc. IEEE DSN, 2002
3 Feiyi Wang, Fengmin Gong, Chandramouli Sargor, Katerina Goseva-Popstojanova, Kishor Trivedi, Frank Jou, ;SITAR: A Scalable Intrusion-Tolerant Architecture for Distributed Services,'Proc. IEEE SMC, 2001
4 Yu-Sung Wu, Saurabh Bagchi, Sachin Garg, Navjot Singh, 'SCIDIVE: A Stateful and Cross Protocol Intrusion Detection Architecture for Voice-over-IP Environments,' Proc. IEEE DSN, 2004
5 EventHelix, 'Fault Handling and Fault Tolerance,' h t t p : // w ww. e v e n t h e l i x . c o m / Re a l t imeMa n t r a /FaultHandling/
6 David Sames, Brian Matt, Brian Niebuhr, Gregg Tally, Brent Whitmore, David Bakken, 'Developing a Heterogeneous Intrusion Tolerant CORBA System,'Proc. IEEE DSN, 2002
7 Tod Courtney, James Lyons, HariGovind V. Ramasamy, William H. Sanders, and Mouna Seri, Michael Atighetchi, Paul Rubel, Christopher Jones, Franklin Webber, Partha Pal, and Ronald Watro, 'Providing Intrusion Tolerance With ITUA,' Proc. IEEE DSN, 2002
8 Bingrui Foo, Yu-Sung Wu, Yu-Chun Mao, Saurabh Bagchi, Eugene Spafford, 'ADEPTS: Adaptive Intrusion Response using Attack Graphs in an E-Commerce Environment,' Proc. IEEE DSN, 2005
9 Wikipedia, 'Fault Tolerant system,' http://en. wikipedia.org/wiki/ Fault_tolerant_system
10 A. Adelsbach, D. Alessandri, C. Cachin, S. Creese, M. Dacier, Y. Deswarte, K. Kursawe, J. C. Laprie, B., Pitzmann, D. Powell, B. Randell, J. Riordan, R. Stroud, P. Verssimo, M. Waidner, I. Welch, A. Wespi, 'MAFTIA Conceptual Model and Architecture,' LAAS-CNRS Report No. 01426, 2001