Description
Abstract The most widely deployed distributed data servers are web servers, and more web servers are being deployed over the internet, serving a wide range of both public and private users. Since these servers are exposed over the internet with the intention of sharing information, the security of information stored is a major concern. Most of the existing security mechanisms focused on external users who are connecting to the server over the internet, apart from external threats, security and intrusion threats from internal networks are also persistent and conventional protective measures are not able to handle such intrusion and security threats. This paper presents the design and implementation of an intrusion tolerant system with CIA (confidentiality, integrity and availability) goals. The intrusion tolerant system is developed by considering diversity redundancy, intrusion detection and IP reputation-based filtering. Redundancy is added and a load balancer ensures that the system is available to serve users. Diversity is included in the system to increase the system’s resilience to attacks by the use of multiple flavors of the operating system. Integrity is achieved by checking the message headers with the help of an intrusion tolerant detection system. The intrusion tolerant functionality is implemented and tested with the windows operating system.
Reviews
There are no reviews yet.