Security Evaluation of an Intrusion Tolerant Web Service Architecture Using Stochastic Activity Networks

Authors:
Zahra Aghajani;Mohammad Abdollahi Azgomi
Affiliations:
ICT Group, E-Learning Center, Iran University of Science and Technology, Tehran, Iran Performance and Dependability Research Lab., Department of Computer Engineering, Iran University of Science an ...;ICT Group, E-Learning Center, Iran University of Science and Technology, Tehran, Iran Performance and Dependability Research Lab., Department of Computer Engineering, Iran University of Science an ...
Venue:
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Year:
2009

Citing 4
Cited 0

Stochastic activity networks: formal definitions and concepts

Lectures on formal methods and performance analysis
Web Services Essentials

Web Services Essentials
Security analysis of SITAR intrusion tolerance system

Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
Fault-Tolerant Systems

Fault-Tolerant Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Today, security is an important quality of service attribute of information systems. In addition to countermeasures for detection and prevention of intrusions, dependable information systems should be able to tolerate them. Intrusion tolerant systems are those kinds of systems that are survivable and can continue their correct operation in spite of attacks and intrusions. In this paper we present a high-level stochastic activity network (SAN) model, which is constructed using Möbius modeling tool, to evaluate some important security measures of a multi-layer architecture for intrusion tolerant web services. Using analytic solvers of the tool, we have evaluated some security and survivability measures of the architecture.