Intrusion tolerance is a fault-tolerant design approach to defending information systems against malicious attacks. In that sense, it is also a computer security approach. Abandoning the conventional aim of preventing all intrusions, intrusion tolerance instead calls for triggering mechanisms that prevent intrusions from leading to a system security failure.
Distributed computing
editIn distributed computing there are two major variants of intrusion tolerance mechanisms: mechanisms based on redundancy, such as the Byzantine fault tolerance, as well as mechanisms based on intrusion detection as implemented in intrusion detection system) and intrusion reaction.
Intrusion-tolerant server architectures
editIntrusion-tolerance has started to influence the design of server architectures in academic institutions, and industry. Examples of such server architectures include KARMA, Splunk IT Service Intelligence (ITSI), project ITUA, and the practical Byzantine Fault Tolerance (pBFT) model.[1]
See also
editReferences
edit- ^ Joao Batista Camargo Jr.; Rogério le Lemos; Taisy Silva Weber, eds. (2003). Dependable Computing: First Latin-American Symposium, LADC 2003, Sao Paulo, Brazil. Springer. p. 81. ISBN 9783540202240.