At the time of invention, Internet was just accessible to a small group of pioneers who wanted to make the network work. Protocols were focused on just transmission errors and hardware and software faults. They did not worry about the network attacks such as intrusions and other attacks. Now, rapid use of Internet in secure transactions, business and other legitimate usage has made it vulnerable to hackers and attacks.
Denial of Service – Attackers prevent the targeted system from being used. Attacks against Confidentiality – Aim to obtain sensitive information which may endanger people’s privacy. Attacks against Integrity – Destruction or modification of sensitive data, spreading of false information, etc.
Distinguish between An error, part of system state that cause failure. A failure, service delivery deviates from the system. A fault, hypothesized cause of error, e.g.: an intrusion. Categories to design a safe system: Fault Prevention Fault Tolerance Fault Removal Fault Forecasting
Fault Prevention: Prevent the occurrence or introduction of faults. Fault Tolerance: Delivering the correct service in the presence of faults. Fault Removal: Reducing the number or severity of faults. Fault Forecasting: Estimating, ranking or evaluating the present number, the future numbers and the likely consequence of faults.
Organize and manage a system such that an intrusion in one part of the system has no effect on its overall security. Make it difficult for the same type of attack to succeed in different parts of the system. An intrusion into a part of the system should not allow the attacker to obtain confidential data.
Tolerance Based on Intrusion Detection Intrusion detection paradigms
Fragmentation, Redundancy and Scattering Fragmentation consists of splitting the sensitive data into fragments such that a single isolated fragment does not contain any significant information. Fragments are then replicated so that the modification does not impede the reconstruction of correct data. Finally, scattering aims to ensure that an intrusion only gives access to isolated fragments.
Malicious and Accidental Fault Tolerance for Internet Applications
Given the current rate of attacks on Internet, intrusion tolerance appears to be a promising technique to implement secure applications. The implementation is expensive but it is worth providing for security.