- Tytuł:
- Redundancy-based intrusion tolerance approaches moving from classical fault tolerance methods
- Autorzy:
-
Di Giandomenico, Felicita
Masetti, Giulio
Chiaradonna, Silvano - Powiązania:
- https://bibliotekanauki.pl/articles/2172130.pdf
- Data publikacji:
- 2022
- Wydawca:
- Uniwersytet Zielonogórski. Oficyna Wydawnicza
- Tematy:
-
intrusion tolerance
cyberattack
diversity based redundancy
protection mechanisms
tolerancja na włamania
atak cybernetyczny
mechanizm ochronny - Opis:
- Borrowing from well known fault tolerant approaches based on redundancy to mask the effect of faults, redundancy-based intrusion tolerance schemes are proposed in this paper, where redundancy of ICT components is exploited as a first defense line against a subset of compromised components within the redundant set, due to cyberattacks. Features to enhance defense and tolerance capabilities are first discussed, covering diversity-based redundancy, confusion techniques, protection mechanisms, locality policies and rejuvenation phases. Then, a set of intrusion tolerance variations of classical fault tolerant schemes (including N Version Programming and Recovery Block, as well as a few hybrid approaches) is proposed, by enriching each original scheme with one or more of the previously introduced defense mechanisms. As a practical support to the system designer in making an appropriate choice among the available solutions, for each developed scheme a schematic summary is provided, in terms of resources and defense facilities needed to tolerate f value failures and k omission failures, as well as observations regarding time requirements. To provide an example of more detailed analysis, useful to set up an appropriate intrusion tolerance configuration, a trade-off study between cost and additional redundancy employed for confusion purposes is also carried out.
- Źródło:
-
International Journal of Applied Mathematics and Computer Science; 2022, 32, 4; 701--719
1641-876X
2083-8492 - Pojawia się w:
- International Journal of Applied Mathematics and Computer Science
- Dostawca treści:
- Biblioteka Nauki
Artykuł