Intrusion-Tolerant Protection for Critical Infrastructures

Detalhes bibliográficos
Autor(a) principal: Bessani, Alysson Neves
Data de Publicação: 2007
Outros Autores: Sousa, Paulo, Correia, Miguel, Neves, Nuno Ferreira, Veríssimo, Paulo
Tipo de documento: Relatório
Idioma: por
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10451/14162
Resumo: Today's critical infrastructures like the Power Grid are essentially physical processes controlled by computers connected by networks. They are usually as vulnerable as any other interconnected computer system, but their failure has a high socio-economic impact. The paper describes a new construct for the protection of these infrastructures, based on distributed algorithms and mechanisms implemented between a set of devices called CIS. CIS collectively ensure that incoming/outgoing traffic satisfies the security policy of an organization in the face of accidents and attacks. However, they are not simple firewalls but distributed protection devices based on a sophisticated access control model. Likewise, they seek perpetual unattended correct operation, so they are designed with intrusion-tolerant capabilities and hardened with proactive recovery. The paper discusses the rationale behind the use of CIS to improve the resilience of critical infrastructures and presents a design using logical replication based on virtual machines
id RCAP_6407fafe9e0fd3acb2025b57a241f411
oai_identifier_str oai:repositorio.ul.pt:10451/14162
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Intrusion-Tolerant Protection for Critical InfrastructuresIntrusion ToleranceCritical InfrastructuresFirewallWormholesToday's critical infrastructures like the Power Grid are essentially physical processes controlled by computers connected by networks. They are usually as vulnerable as any other interconnected computer system, but their failure has a high socio-economic impact. The paper describes a new construct for the protection of these infrastructures, based on distributed algorithms and mechanisms implemented between a set of devices called CIS. CIS collectively ensure that incoming/outgoing traffic satisfies the security policy of an organization in the face of accidents and attacks. However, they are not simple firewalls but distributed protection devices based on a sophisticated access control model. Likewise, they seek perpetual unattended correct operation, so they are designed with intrusion-tolerant capabilities and hardened with proactive recovery. The paper discusses the rationale behind the use of CIS to improve the resilience of critical infrastructures and presents a design using logical replication based on virtual machinesDepartment of Informatics, University of LisbonRepositório da Universidade de LisboaBessani, Alysson NevesSousa, PauloCorreia, MiguelNeves, Nuno FerreiraVeríssimo, Paulo2009-02-10T13:12:04Z2007-042007-04-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/reportapplication/pdfhttp://hdl.handle.net/10451/14162porinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-11-08T15:59:48Zoai:repositorio.ul.pt:10451/14162Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T21:36:00.192805Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Intrusion-Tolerant Protection for Critical Infrastructures
title Intrusion-Tolerant Protection for Critical Infrastructures
spellingShingle Intrusion-Tolerant Protection for Critical Infrastructures
Bessani, Alysson Neves
Intrusion Tolerance
Critical Infrastructures
Firewall
Wormholes
title_short Intrusion-Tolerant Protection for Critical Infrastructures
title_full Intrusion-Tolerant Protection for Critical Infrastructures
title_fullStr Intrusion-Tolerant Protection for Critical Infrastructures
title_full_unstemmed Intrusion-Tolerant Protection for Critical Infrastructures
title_sort Intrusion-Tolerant Protection for Critical Infrastructures
author Bessani, Alysson Neves
author_facet Bessani, Alysson Neves
Sousa, Paulo
Correia, Miguel
Neves, Nuno Ferreira
Veríssimo, Paulo
author_role author
author2 Sousa, Paulo
Correia, Miguel
Neves, Nuno Ferreira
Veríssimo, Paulo
author2_role author
author
author
author
dc.contributor.none.fl_str_mv Repositório da Universidade de Lisboa
dc.contributor.author.fl_str_mv Bessani, Alysson Neves
Sousa, Paulo
Correia, Miguel
Neves, Nuno Ferreira
Veríssimo, Paulo
dc.subject.por.fl_str_mv Intrusion Tolerance
Critical Infrastructures
Firewall
Wormholes
topic Intrusion Tolerance
Critical Infrastructures
Firewall
Wormholes
description Today's critical infrastructures like the Power Grid are essentially physical processes controlled by computers connected by networks. They are usually as vulnerable as any other interconnected computer system, but their failure has a high socio-economic impact. The paper describes a new construct for the protection of these infrastructures, based on distributed algorithms and mechanisms implemented between a set of devices called CIS. CIS collectively ensure that incoming/outgoing traffic satisfies the security policy of an organization in the face of accidents and attacks. However, they are not simple firewalls but distributed protection devices based on a sophisticated access control model. Likewise, they seek perpetual unattended correct operation, so they are designed with intrusion-tolerant capabilities and hardened with proactive recovery. The paper discusses the rationale behind the use of CIS to improve the resilience of critical infrastructures and presents a design using logical replication based on virtual machines
publishDate 2007
dc.date.none.fl_str_mv 2007-04
2007-04-01T00:00:00Z
2009-02-10T13:12:04Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/report
format report
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10451/14162
url http://hdl.handle.net/10451/14162
dc.language.iso.fl_str_mv por
language por
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Department of Informatics, University of Lisbon
publisher.none.fl_str_mv Department of Informatics, University of Lisbon
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799134258579636224

Registros relacionados