Intrusion tolerance: Difference between revisions
mNo edit summary |
added referenced info on server architectures |
||
Line 1: | Line 1: | ||
{{Primary sources|date=December 2013}} |
{{Primary sources|date=December 2013}} |
||
'''Intrusion tolerance''' is a [[fault-tolerant design]] approach to defending information systems against malicious attacks. In that sense, it is also a [[computer security]] approach. Abandoning the conventional aim of preventing all intrusions, intrusion tolerance instead calls for triggering mechanisms that prevent intrusions from leading to a system security failure. |
'''Intrusion tolerance''' is a [[fault-tolerant design]] approach to defending information systems against malicious attacks. In that sense, it is also a [[computer security]] approach. Abandoning the conventional aim of preventing all intrusions, intrusion tolerance instead calls for triggering mechanisms that prevent intrusions from leading to a system security failure. |
||
==Distributed computing== |
|||
In [[distributed computing]] there are two major variants of intrusion tolerance mechanisms: mechanisms based on redundancy, such as the [[Byzantine fault tolerance]], as well as mechanisms based on intrusion detection as implemented in [[intrusion detection system]]) and intrusion reaction. |
|||
==Intrusion-tolerant server architectures == |
|||
Intrusion-tolerance has started to influence the design of server architectures in academic institutions, and [[manufacturing|industry]]. Examples of such server architectures include KARMA, [[Splunk]] IT Service Intelligence (ITSI), project ITUA, and the [[practical Byzantine Fault Tolerance]] (pBFT) model.<ref>{{Cite book|title= Dependable Computing: First Latin-American Symposium, LADC 2003, Sao Paulo, Brazil | editor1= Joao Batista Camargo Jr. | editor2= Rogério le Lemos | editor3= Taisy Silva Weber |publisher= Springer |year=2003 |isbn=9783540202240 | pages=81}}</ref> |
|||
==See also== |
==See also== |
||
* [[Intrusion detection system evasion techniques]] |
|||
*[[Byzantine fault tolerance]] |
|||
==External links== |
|||
*Paulo Veríssimo, Nuno Ferreira Neves, Miguel Pupo Correia "[http://www.di.fc.ul.pt/~nuno/PAPERS/archit-depend-sys-03.pdf Intrusion-Tolerant Architectures: Concepts and Design]" |
|||
[[Category:Fault tolerance]] |
[[Category:Fault tolerance]] |
Revision as of 13:57, 8 June 2023
Intrusion tolerance is a fault-tolerant design approach to defending information systems against malicious attacks. In that sense, it is also a computer security approach. Abandoning the conventional aim of preventing all intrusions, intrusion tolerance instead calls for triggering mechanisms that prevent intrusions from leading to a system security failure.
Distributed computing
In distributed computing there are two major variants of intrusion tolerance mechanisms: mechanisms based on redundancy, such as the Byzantine fault tolerance, as well as mechanisms based on intrusion detection as implemented in intrusion detection system) and intrusion reaction.
Intrusion-tolerant server architectures
Intrusion-tolerance has started to influence the design of server architectures in academic institutions, and industry. Examples of such server architectures include KARMA, Splunk IT Service Intelligence (ITSI), project ITUA, and the practical Byzantine Fault Tolerance (pBFT) model.[1]
See also
- ^ Joao Batista Camargo Jr.; Rogério le Lemos; Taisy Silva Weber, eds. (2003). Dependable Computing: First Latin-American Symposium, LADC 2003, Sao Paulo, Brazil. Springer. p. 81. ISBN 9783540202240.