分布式计算系统中的入侵容忍

Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy Pub Date : 1991-05-20 DOI:10.1109/RISP.1991.130780

Y. Deswarte, L. Blain, J. Fabre

{"title":"分布式计算系统中的入侵容忍","authors":"Y. Deswarte, L. Blain, J. Fabre","doi":"10.1109/RISP.1991.130780","DOIUrl":null,"url":null,"abstract":"An intrusion-tolerant distributed system is a system which is designed so that any intrusion into a part of the system will not endanger confidentiality, integrity and availability. This approach is suitable for distributed systems, because distribution enables isolation of elements so that an intrusion gives physical access to only a part of the system. In particular, the intrusion-tolerant authentication and authorization servers enable a consistent security policy to be implemented on a set of heterogeneous, untrusted sites, administered by untrusted (but nonconspiring) people. The authors describe how some functions of distributed systems can be designed to tolerate intrusions. A prototype of the persistent file server presented has been successfully developed and implemented as part of the Delta-4 project of the European ESPRIT program.<<ETX>>","PeriodicalId":445112,"journal":{"name":"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1991-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"268","resultStr":"{\"title\":\"Intrusion tolerance in distributed computing systems\",\"authors\":\"Y. Deswarte, L. Blain, J. Fabre\",\"doi\":\"10.1109/RISP.1991.130780\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"An intrusion-tolerant distributed system is a system which is designed so that any intrusion into a part of the system will not endanger confidentiality, integrity and availability. This approach is suitable for distributed systems, because distribution enables isolation of elements so that an intrusion gives physical access to only a part of the system. In particular, the intrusion-tolerant authentication and authorization servers enable a consistent security policy to be implemented on a set of heterogeneous, untrusted sites, administered by untrusted (but nonconspiring) people. The authors describe how some functions of distributed systems can be designed to tolerate intrusions. A prototype of the persistent file server presented has been successfully developed and implemented as part of the Delta-4 project of the European ESPRIT program.<<ETX>>\",\"PeriodicalId\":445112,\"journal\":{\"name\":\"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy\",\"volume\":\"37 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1991-05-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"268\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RISP.1991.130780\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RISP.1991.130780","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 268

摘要

可容忍入侵的分布式系统是这样一种系统:任何对系统的入侵都不会危及系统的保密性、完整性和可用性。这种方法适合于分布式系统，因为分布式支持元素的隔离，因此入侵只能对系统的一部分进行物理访问。特别是，可容忍入侵的身份验证和授权服务器支持在一组异构的、不受信任的站点上实现一致的安全策略，这些站点由不受信任的(但不是共谋的)人员管理。作者描述了如何设计分布式系统的某些功能以容忍入侵。作为欧洲ESPRIT项目Delta-4项目的一部分，本文介绍的持久性文件服务器原型已经成功开发并实现。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Intrusion tolerance in distributed computing systems

An intrusion-tolerant distributed system is a system which is designed so that any intrusion into a part of the system will not endanger confidentiality, integrity and availability. This approach is suitable for distributed systems, because distribution enables isolation of elements so that an intrusion gives physical access to only a part of the system. In particular, the intrusion-tolerant authentication and authorization servers enable a consistent security policy to be implemented on a set of heterogeneous, untrusted sites, administered by untrusted (but nonconspiring) people. The authors describe how some functions of distributed systems can be designed to tolerate intrusions. A prototype of the persistent file server presented has been successfully developed and implemented as part of the Delta-4 project of the European ESPRIT program.<>

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy

自引率

0.00%

发文量