Intrusion-Tolerant Middleware: the Road to Automatic Security

Paulo Verissimo, Nuno Neves, Christian Cachin, Jonathan Poritz, David Powell, Yves Deswarte, Robert Stroud, Ian Welch



The pervasive interconnection of systems throughout the world has given computer services a significant socioeconomic value that both accidental faults and malicious activity can affect. The classical approach to security has mostly consisted of trying to prevent bad things from happening--by developing systems without vulnerabilities, for example, or by detecting attacks and intrusions and deploying ad hoc countermeasures before any part of the system is damaged. But what if we could address both faults and attacks in a seamless manner, through a common approach to security and dependability?

Keywords: Computer security, dependability, fault tolerance, Internet, intrusion tolerance.