Building intrusion tolerant applications

  • Authors:
  • Thomas Wu;Michael Malkin;Dan Boneh

  • Affiliations:
  • -;-;-

  • Venue:
  • SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
  • Year:
  • 1999

Quantified Score

Hi-index 0.00

Visualization

Abstract

The ITTC project (Intrusion Tolerance via Threshold Cryptography) provides tools and an infrastructure for building intrusion tolerant applications. Rather than prevent intrusions or detect them after the fact, the ITTC system ensures that the compromise of a few system components does not compromise sensitive security information. To do so we protect cryptographic keys by distributing them across a few servers. The keys are never reconstructed at a single location. Our designs are intended to simplify the integration of ITTC into existing applications. We give examples of embedding ITTC into the Apache web server and into a Certification Authority (CA). Performance measurements on both the modified web server and the modified CA show that the architecture works and performs well.