2000 Project Summary
|Project Website:||http://www.dist-systems.bbn.com/projects/ITUA/index.shtml -- Additional project information provided by the performing organization|
|Quad Chart:||Link to Quad Chart provided by the performing organization|
Applications that can react to intrusion attacks and survive the
consequences are key problems in the area of intrusion tolerant
systems. While the idea of intrusion-aware, survivable applications
is a natural part of the defense in depth concept, there currently is
no easy and systematic way to support such a concept in today's
distributed systems infrastructure. A survivable application must
incorporate a "survivability strategy"-a specification distinct from
its functional requirements, covering behavior during an intrusion
attack. These strategies involve adaptation and awareness of the
environment and system resources because intrusion attacks affect
the availability and quality of these resources. Adaptive responses
must be unpredictable to the attacker in order to withstand
sophisticated, multi-stage attacks. The availability of multiple
options for responding to a symptom enables unpredictability.
Our objective is to develop a capability that will allow applications to tolerate pre-planned and coordinated attacks that may lead to Byzantine failures in the system. We will first investigate cases where components fail in an arbitrary manner, and there are multiple simultaneous failures or cascading waves of failures due to intrusion attacks. We will then develop algorithms and implement prototype mechanisms that will enable applications to survive these attack symptoms.
We will demonstrate that using the tools developed it is possible to build distributed applications that tolerate a set of coordinated and pre-planned attacks significantly better and longer than the state of the art today, and that such applications can be built in a systematic and cost-effective way.
We will demonstrate the applicability of our technology in the context of military applications by first evaluating the results in the context of on-going DoD programs through project participants and later by transitioning it into a DoD applications that need intrusion tolerance.
Our approach is to:
We view middleware as the appropriate place to coordinate the new services required to support intrusion-aware survivable applications. Middleware technology has advanced to the point where integration of diverse mechanisms such as security and fault-tolerance is possible in a realistic and cost-effective manner.
The following are the key aspects of our approach:
|Recent FY-00 Accomplishments:||The project began in July 2000.|
During FY-01 we plan to analyze the way in which pre-planned and
coordinated attacks can cause simultaneous and cascading failures of
arbitrary nature. We will then develop algorithms for coping with
such failures. One way of doing that is to use redundancy and
Byzantine agreement protocols in managing system resources.
We will then devise adaptive responses that an application can take
using the capabilities of a redundancy mechanism that employs this
algorithm. We plan to implement a prototype of the of the redundancy
mechanism and adaptive strategies, which will constitute the initial
prototype of our middleware-based survivability mechanism. We will
also develop a concept demonstration using this initial prototype.
The initial prototype will be continually refined to add additional capabilities such as unpredictable response engagement and self-protection throughout the life of the project.
|Technology Transition:||As the primary members of the project team, BBN and the University of Illinois have existing relationships with DoD applications (e.g. ALP, WSOA etc.) and will actively work to promote the project results in these and other domains. In addition, the Open Systems Architecture Group at Boeing Corporation has joined with BBN and UI to provide the ITUA team with direct access to defense development environments as working examples, and for test and evaluation of results.We will identify a DoD application being developed at Boeing early on in the project and use it to evaluate assumptions and approaches against its needs. We will continually evaluate our technology as it evolves incrementally against the same application to ensure that the solution our technology provides is also realistic and valid.|
|Principal Investigator:||PI Name: Partha Pal
Organization: BBN Technologies
Address: 10 Moulton Street, Cambridge, MA 02138
Phone: 617 873 2056
Fax: 617 873 4328
Admin Contact Name: Bruce Malley