Advertisement

Adaptive Architecture for Web Server Survivability

  • Eungki Park
  • Dae-Sik Choi
  • Eul Gyu Im
  • Jung-Tack Seo
  • Dongkyu Kim
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3261)

Abstract

Internet becomes more and more popular, and most companies and institutes use web services as a fundamental tools to promote their business. As results, Internet and web services become core infrastructure for a business and become more and more important, but attacks against web services increase as the popularity of web services grows. Therefore, there are increasing needs of undisturbed web services despite of attacks. In this paper, we proposed adaptation policies for a web-server intrusion tolerant system. Our proposed adaptation policies allow the system to provide continuous web services using various techniques, such as intrusion tolerant types, replication degree, server allocation mechanism, adaptive access control method and so on.

Keywords

intrusion tolerance survivability web services 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Computer Security Institute/Federal Bureau of Investigation: Computer crime and security survey (2001)Google Scholar
  2. 2.
    Symantec Corp.: Symantec internet security threat report, volume i (2002)Google Scholar
  3. 3.
    Ellison, B., Fisher, D.A., Linger, R.C., Lipson, H.F., Longstaff, T., Mead, N.R.: Survivable network systems: An emerging discipline. Technical Report CMU/SEI-97-TR-013, Carnegie-Mellon University Software Engineering Institute (1997)Google Scholar
  4. 4.
    Pal, P., Webber, F., Schantz, R.E., Loyall, J.P.: Intrusion tolerant systems. In: Proceedings of the IEEE Information Survivability Workshop, Boston, Massachusetts, U.S.A (2000)Google Scholar
  5. 5.
    Lee, W., Fan, W.: Mining system audit data: opportunities and challenges. ACM SIGMOD Record 30, 35–44 (2001)CrossRefGoogle Scholar
  6. 6.
    Pal, P., Webber, F., Schantz, R.: Survival by defense-enabling. In: Proceedings of the 2001 workshop on New security paradigms, pp. 71–78. ACM Press, New York (2001)CrossRefGoogle Scholar
  7. 7.
    Rathi, M., Anjum, F., Zbib, R., Ghosh, A., Umar, A.: Investigation of intrusion tolerance for COTS middleware. In: Proceedings of the IEEE International Conference on Communications 2002, pp. 1169–1173 (2002)Google Scholar
  8. 8.
    Stavridou, V., Dutertre, B., Riemenschneider, R.A., Saidi, H.: Intrusion tolerant software architectures. In: Proceedings of the DARPA Information Survivability Conference & Exposition (DISCEX) 2001, pp. 230–241 (2001)Google Scholar
  9. 9.
    Wang, F., Upppalli, R.: SITAR: a scalable instrusion-tolerant architecture for distributed services - a technology summary. In: Proceedings of the DARPA Information Survivability Conference & Exposition (DISCEX) 2003, pp. 153–155 (2003)Google Scholar
  10. 10.
    Wang, R., Wang, F., Byrd, G.T.: Design and implementation of acceptance monitor for building scalable intrusion tolerant system. In: Proceedings of the Tenth International Conference on Computer Communications and Networks, Scottsdale, AZ, USA, pp. 200–205 (2001)Google Scholar
  11. 11.
    Wang, F., Gong, F., Sargor, C., Goseva-Popstojanova, K., Trivedi, K., Jou, F.: SITAR: A scalable intrusion-tolerant architecture for distributed services. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, pp. 38–45. United States Military Academy, West Point (2001)Google Scholar
  12. 12.
    Choi, D.S., Im, E.G., Lee, C.W.: Intrusion-tolerant system design for web server survivability. In: Chae, K.-J., Yung, M. (eds.) WISA 2003. LNCS, vol. 2908, pp. 124–134. Springer, Heidelberg (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Eungki Park
    • 1
  • Dae-Sik Choi
    • 1
  • Eul Gyu Im
    • 1
  • Jung-Tack Seo
    • 1
  • Dongkyu Kim
    • 2
  1. 1.National Security Research InstituteDaejeonRepublic of Korea
  2. 2.School of Information & Computer EngineeringAjou UniversitySuwonRepublic of Korea

Personalised recommendations