The FOREVER service for fault/intrusion removal
Proceedings of the 2nd workshop on Recent advances on intrusiton-tolerant systems
Analysis of a Redundant Architecture for Critical Infrastructure Protection
Architecting Dependable Systems V
FOREVER: Fault/intrusiOn REmoVal through Evolution & Recovery
Proceedings of the ACM/IFIP/USENIX Middleware '08 Conference Companion
Functional decomposition and interactions in hybrid intrusion-tolerant systems
Proceedings of the 3rd International DiscCoTec Workshop on Middleware-Application Interaction
Proactive Fortification of Fault-Tolerant Services
OPODIS '09 Proceedings of the 13th International Conference on Principles of Distributed Systems
ACM Transactions on Computer Systems (TOCS)
ZZ and the art of practical BFT execution
Proceedings of the sixth conference on Computer systems
Secure virtualization for cloud computing
Journal of Network and Computer Applications
Integrating fault-tolerant techniques into the design of critical systems
ISARCS'10 Proceedings of the First international conference on Architecting Critical Systems
A Systematic Survey of Self-Protecting Software Systems
ACM Transactions on Autonomous and Adaptive Systems (TAAS) - Special Section on Best Papers from SEAMS 2012
| Hi-index | 0.00 |
Previous works have studied how to use proactive recovery to build intrusion-tolerant replicated systems that are resilient to any number of faults, as long as recoveries are faster than an upper-bound on fault production assumed at system deployment time. In this paper, we propose a complementary approach that combines proactive recovery with services that allow correct replicas to react and recover replicas that they detect or suspect to be compromised. One key feature of our proactive-reactive recovery approach is that, despite recoveries, it guarantees the availability of the minimum amount of system replicas necessary to sustain system's correct operation. We design a proactive-reactive recovery service based on a hybrid distributed system model and show, as a case study, how this service can effectively be used to augment the resilience of an intrusion-tolerant firewall adequate for the protection of critical infrastructures.