The Design of a Generic Intrusion-Tolerant Architecture for Web Servers

Saidane, Ayda; Nicomette, Vincent; Deswarte, Yves

doi:10.1109/tdsc.2008.1

Cited by 47 publications

(30 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The generic architecture for an intrusion-tolerant system consists of various Web servers and proxies [11]. Duplicated Web servers provide the same services but manage different applications and OS on different hardware platforms.…”

Section: Related Workmentioning

confidence: 99%

Optimal Cluster Expansion-Based Intrusion Tolerant System to Prevent Denial of Service Attacks

et al. 2017

View full text Add to dashboard Cite

Abstract:In this study, we propose an optimal cluster expansion-based intrusion-tolerant system (ITS) that can maintain quality of service (QoS) under a massive denial of service (DoS) attack. Our proposed scheme conserves resources while maintaining good QoS by optimally increasing and decreasing cluster size. To evaluate the performance of the proposed scheme, we use a CloudSim simulator and compare our proposed scheme with an existing conventional adaptive cluster transformation (ACT) scheme. Our simulation results show that the proposed scheme outperforms the conventional ACT scheme in terms of better QoS and lower resource consumption.

show abstract

Section: Related Workmentioning

confidence: 99%

Optimal Cluster Expansion-Based Intrusion Tolerant System to Prevent Denial of Service Attacks

et al. 2017

View full text Add to dashboard Cite

show abstract

“…First, Web technologies have been applied to a wide range of fields from commercial to military systems. Therefore, protecting Web servers has been one of the most interesting topics in ITS studies [6], [7]. Second, the types of software that are used to provide Web services provide an opportunity for diversity.…”

Section: Copyright C 2017 the Institute Of Electronics Information Amentioning

confidence: 99%

“…A generic architecture for intrusion-tolerant Web servers is composed of redundant Web servers and proxies [7]. The authors used diversification to increase resilience to attacks and independence between redundant components.…”

Section: Related Workmentioning

confidence: 99%

Designing and Implementing a Diversity Policy for Intrusion-Tolerant Systems

Heo

Lee

Jang

et al. 2017

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYResearch on intrusion-tolerant systems (ITSs) is being conducted to protect critical systems which provide useful information services. To provide services reliably, these critical systems must not have even a single point of failure (SPOF). Therefore, most ITSs employ redundant components to eliminate the SPOF problem and improve system reliability. However, systems that include identical components have common vulnerabilities that can be exploited to attack the servers. Attackers prefer to exploit these common vulnerabilities rather than general vulnerabilities because the former might provide an opportunity to compromise several servers. In this study, we analyze software vulnerability data from the National Vulnerability Database (NVD). Based on the analysis results, we present a scheme that finds software combinations that minimize the risk of common vulnerabilities. We implement this scheme with CSIM20, and simulation results prove that the proposed scheme is appropriate for a recovery-based intrusion tolerant architecture.

show abstract

“…Considering that a storage service may be operated in a oneupload-many-download manner, this advantage is an important feature. In addition, this concept might also have something in common with intrusion tolerant systems (ITSs) [22,23] in which data leakage is possible during exposure time of virtual machines allowing an adversary to get sensitive data from information systems. They present their contributions below:…”

Section: Privacy Of the Retrievermentioning

confidence: 99%

A Secured and Searchable Encryption Algorithm for Cloud Storage

Mehto¹,

Moriwal²

2015

IJCA

View full text Add to dashboard Cite

Cloud computing is a new generation technology which efficiently support the client oriented services. Now in these days there are a number of applications which consumes the cloud storage service for storing and retrieving information. In such conditions the data owner management and privacy preservation cryptographic techniques are utilized frequently. But due to cryptographic technique of security implementation the data leave their own format and converted into other unreadable format. Due to this retrieval of required information becomes complex. Therefore in this paper a proposed solution incorporate the hash table management and indexing techniques to keep track the actual data contents in terms of document features which may help for encrypting user data and identifying the user data and privacy.

show abstract

The Design of a Generic Intrusion-Tolerant Architecture for Web Servers

Cited by 47 publications

References 10 publications

Optimal Cluster Expansion-Based Intrusion Tolerant System to Prevent Denial of Service Attacks

Optimal Cluster Expansion-Based Intrusion Tolerant System to Prevent Denial of Service Attacks

Designing and Implementing a Diversity Policy for Intrusion-Tolerant Systems

A Secured and Searchable Encryption Algorithm for Cloud Storage

Contact Info

Product

Resources

About