Abstract
In recent years, defense-in-depth information assurance is one of the main focuses in information security research. However, the complexity of information assurance systems increases rapidly with more and more security functions and subsystems being included. In this paper, we propose an autonomic computing architecture for defense-in-depth information assurance systems (DDIAS) so that the increasing complexity of DDIAS can be tackled by distributed autonomous security subsystems with the abilities of self-configuration, self-optimization, self-healing and self-protection. We also present a case study of autonomic computing for distributed emergency response and incident recovery, which is usually the last line of in-depth defense. In the case study, we combine the tenure duty method (TDM) with autonomic system architecture to realize autonomic service roaming and dynamic backup. Experiments show that the proposed method greatly improves the survivability of information systems without much loss of quality of service.
Supported by the National Natural Science Foundation of China Under Grant 60303012, and National High-Technology (863) Program under Grant 2003AA2080.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
McHugh, J., Christie, A., Allen, J.: Defending Yourself: The Role of Intrusion Detection Systems. IEEE Software, 42–51 (2000)
Huang, Z.G., Lu, X.C., Wang, H.M.: A Diversified Dynamic Redundancy Method Exploiting the Intrusion Tolerance. In: Proceedings of the Third Information Survivability Workshop (ISW 2000), Boston MA, USA, October 24-26 (2000)
Deep, M., David, T.: Multi-Layered Network Survivability – Models, Analysis, Architecture, Framework and Implementation: An Overview. In: Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX 2000), Hilton Head Island, South Carolina, January 25-27 (2000)
Information Assurance through Defense-in-Depth. Directorate for Command, Control, Communications, and Computer Systems. U.S. Department of Defense Joint Staff (February 2000)
Ganek, A.G., et al.: The Dawning of the Autonomic Computing Era. IBM Systems Journal 42, 5–18 (2003)
Haas, R., Droz, P., Stiller, B.: Autonomic Service Deployment in Networks. IBM Systems Journal 42, 150–164 (2003)
Bantz, D.F., Bisdikian, C., et al.: Autonomic Personal Computing. IBM Systems Journal 42, 165–176 (2003)
Horn, P.: Autonomic Computing: IBM’s Perspective on the State of Information Technology, IBM Corporation (2001), available at http://www.research.ibm.com/autonomic/manifesto/autonomic_computing.pdf
Bass, T., Robichaux, R.: Defense-In-Depth Revisited: Qualitative Risk Analysis Methodology for Complex Network-Centric Operations. In: Proc. of IEEE MILCOM 2001, October 28-31, pp. 64–70 (2001)
Huang, Z.G.: The Tenure Duty Method (TDM) in the Active Incident Recovery Research. In: Zhou, X., Xu, M., Jähnichen, S., Cao, J. (eds.) APPT 2003. LNCS, vol. 2834, pp. 557–564. Springer, Heidelberg (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Xu, X., Huang, Z., Xuan, L. (2004). Autonomic Computing for Defense-in-Depth Information Assurance: Architecture and a Case Study. In: Jin, H., Pan, Y., Xiao, N., Sun, J. (eds) Grid and Cooperative Computing - GCC 2004 Workshops. GCC 2004. Lecture Notes in Computer Science, vol 3252. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30207-0_52
Download citation
DOI: https://doi.org/10.1007/978-3-540-30207-0_52
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23578-1
Online ISBN: 978-3-540-30207-0
eBook Packages: Springer Book Archive