• English
    • Norsk
  • English 
    • English
    • Norsk
  • Administration
View Item 
  •   Home
  • Det matematisk-naturvitenskapelige fakultet
  • Institutt for informatikk
  • Institutt for informatikk
  • View Item
  •   Home
  • Det matematisk-naturvitenskapelige fakultet
  • Institutt for informatikk
  • Institutt for informatikk
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Innbruddstolerante systemer : En eksperimentell utprøving og vurdering

Broen, Torgeir Spilsberg
Master thesis
View/Open
ThesisTorgeirBroen.pdf (1.658Mb)
Year
2005
Permanent link
http://urn.nb.no/URN:NBN:no-10617

Metadata
Show metadata
Appears in the following Collection
  • Institutt for informatikk [3583]
Abstract
Many of today's critical systems offers services that depend upon the

correct behaviour of one single physical unit. An attacker able to gain control over one component by exploiting a vulnerability its software, only needs to control this component to control the system as a whole. An Intrusion Tolerant System (ITS) offers diversity and

redundancy to the provided service, meaning the attacker needs to

control several different components to control the system. This

thesis studies the components in an ITS and its anatomy. The

implementation of an ITS is described. Both existing systems and the

system developed in conjunction with this thesis, is compared and

evaluated. The investigated, existing systems are: a heterogeneous

server load balancing system, a system developed by SRI/LAAS, a system

developed by Min and Choi and lastly SITAR developed by Wang et al.

Pitfalls in design of ITS-systems are pointed out. The most serious

errors committed are violation of the required diversity among the

components and an opening of new attack vectors by offering

non-critical services. It seems hard to eliminate a «Single Point of

Failure» since one and only one component sends the final reply back

to the client. One can tolerate a «Single Point of Failure» in one

component, but this requires hardening and protection of this

component. Like other security mechanisms, ITS is not the perfect

solution, but may constitute as a part of security in depth, along with other mechanisms. An ITS offers protection of the provided service when an error in application software is exploited by an attacker.
 
Responsible for this website 
University of Oslo Library


Contact Us 
duo-hjelp@ub.uio.no


Privacy policy
 

 

For students / employeesSubmit master thesisAccess to restricted material

Browse

All of DUOCommunities & CollectionsBy Issue DateAuthorsTitlesThis CollectionBy Issue DateAuthorsTitles

For library staff

Login
RSS Feeds
 
Responsible for this website 
University of Oslo Library


Contact Us 
duo-hjelp@ub.uio.no


Privacy policy