ITUA Overview
 

The goal of the ITUA project is to tolerate intrusions by making the adaptation response unpredictable, chosen from among a large set of adaptation options. The architecture is based on the concept of security domains, which are restricted-privilege areas each containing at least one host. An attack is assumed to require some time to spread from one infiltrated security domain to another.

Accidental crash failures and value failures are tolerated using active and passive replication schemes. A group communication system tolerating crash failures is used when no attack is detected. In case of an attack, the group communication system switches to using protocols tolerating arbitrary failures through Byzantine agreement.

An ITUA manager is located in each security domain. Based on inputs from IDSs, CPU and network monitors, and QuO, the ITUA managers decide which of several adaptation choices to implement (e.g., switching to the Byzantine agreement protocol, or starting and killing replicas).

 

For more information: http://itua.bbn.com/

 

Publications

            M. Cukier, J. Lyons, P. Pandey, H. V. Ramasamy, W. H. Sanders, P. Pal, F. Webber, R. Schantz, J. Loyall, R. Watro, M. Atighetchi, and J. Gossett, Intrusion Tolerance in ITUA, in Digest of FastAbstracts presented at the International Conference on Dependable Systems and Networks (DSN-2001), (Göteborg, Sweden), pp. B-64-65, July 2001.

            P. Pal, F. Webber, R. Schantz, J. Loyall, R. Watro, W. Sanders, M. Cukier, and J. Gossett, Survival by Defense-Enabling, in Proc. of the New Security Paradigms Workshop 2001, (Cloudcroft, New Mexico, USA), September 11-13, 2001, pp. 71-78.

            H. V. Ramasamy, P. Pandey, J. Lyons, M. Cukier, and W. H. Sanders, Quantifying the Cost of Providing Intrusion Tolerance in Group Communication Systems, in Proc. International Conference on Dependable Systems and Networks (DSN-2002), (Washington, DC, USA), June 23-26, 2002, pp. 229-238.

            M. Seri, T. Courtney, M. Cukier, V. Gupta, S. Krishnamurthy, J. Lyons, H. Ramasamy, J. Ren, and W. H. Sanders, A Configurable CORBA Gateway for Providing Adaptable System Properties, in Supplemental Volume of the 2002 International Conference on Dependable Systems & Networks (DSN-2002), Washington, DC, June 23-26, 2002, pp. G-26 to G-30.

            T. Courtney, J. Lyons, H. V. Ramasamy, W. H. Sanders, M. Seri, M. Atighetchi, P. Rubel, C. Jones, F. Webber, P. Pal, R. Watro, M. Cukier, and J. Gossett, Providing Intrusion Tolerance with ITUA, in Supplemental Volume of the 2002 International Conference on Dependable Systems & Networks (DSN-2002), Washington, DC, June 23-26, 2002, pp. C-5-1 to C-5-3.

            W. H. Sanders, M. Cukier, F. Webber, P. Pal, and R. Watro, Probabilistic Validation of Intrusion Tolerance, Fast Abstract in the Supplemental Volume of the 2002 International Conference on Dependable Systems & Networks (DSN-2002), Washington, DC, June 23-26, 2002, pp. B-78 to B-79.

            H. V. Ramasamy, M. Cukier, and W. H. Sanders, Formal Specification and Verification of a Group Membership Protocol for an Intrusion-Tolerant Group Communication System, in Proc. 2002 Pacific Rim International Symposium on Dependable Computing (PRDC2002), Tsukuba, Japan, December 16-18, 2002, to appear.