50 likes | 216 Views
Intrusion Tolerance by Unpredictable Adaptation Integration Ideas. William H. Sanders Michel Cukier James Lyons Prashant Pandey Hari Ramasamy. Jeanna Gossett. Partha Pal Ron Watro Franklin Webber. Not for public release. Observations. What kind of integration: over lifecycle?
E N D
Intrusion Tolerance by Unpredictable Adaptation Integration Ideas William H. Sanders Michel Cukier James Lyons Prashant Pandey Hari Ramasamy Jeanna Gossett Partha Pal Ron Watro Franklin Webber Not for public release
Observations • What kind of integration: • over lifecycle? • i.e. a framework that will integrate intrusion-tolerant solutions that cover systems from development to operational? • over functionality? • The integrated system should have aspects of storage, database transaction, networked interaction, general purpose applications etc? • over mechanisms covering different attacks and vulnerabilities? • over mechanisms of different themes? • What we have now: • mostly individual intrusion-tolerant solutions with different themes: • different applicability
Themes Observed • Redundancy • new communication protocols • distribution of management • Adaptation • Awareness • manage lack of accuracy in IDS • Effects of intrusion on resource availability • Application’s survival • (as opposed to infrastructure) • Autonomic, rapid reaction • Use of deception tactics • dynamism, unpredictability, obfuscation etc
What we need next • An integration context • to tie in different mechanisms • An architecture? A real system? • will depend on the kind of integration we are looking at • Rationale behind the proposed integration • Validation • Integration itself is a big challenge • start small? • incremental?
Hard Problems • Interoperability and Composability • What interfaces need to be defined in order to provide interoperability? • Do different techniques have conflicting assumptions or goals? • Is the whole greater than the sum of the parts? • Can a specific mechanism, developed in a limited context, can be applied in a larger context with multiple mechanisms? • Validation • Techniques presented applicable to small systems, or small parts of large systems. How can we scale these to large-scale, integrated, systems? • Validation of parts DOES NOT imply validation of the combined parts. Can we develop methodologies that permit the composition in a way that preserves validation results? • Can we quantify the likelihood of the assumptions that are made are true? How can this quantification be used in an overall validation? • How will attackers be modeled?