Author(s): Welch I, Warne J, Ryan P, Stroud R
Abstract: The purpose of this report is to provide an analysis of MAFTIA’s intrusion tolerance capabilities at an architectural level. We first summarise the various architectural concepts and mechanisms that MAFTIA has developed for constructing intrusion tolerant systems. We then present a realistic “use case” for the MAFTIA architecture, based on a simplified but realistic e-commerce application. Using a methodology based on fault trees, we provide a representative but by no means complete set of attack scenarios, which we then analyse in order to highlight the ways in which MAFTIA’s architectural mechanisms support the construction of intrusion tolerant Internet applications. Finally, we conclude the document with a discussion of the overall MAFTIA approach to achieving intrusion tolerance, identifying the key architectural components, and highlighting areas for future research.
Keywords: Intrusion Tolerance, Fault Assessment, Fault Trees
|
| |
|