DARPA ISO Sponsored Research

2000 Project Summary
Intrusion Tolerant Server Infrastructure
Secure Computing Corporation

Project Website:  Under construction 
Objective: The goal of the Intrusion Tolerant Server Infrastructure (ITSI) program is to develop a server infrastructure that will provide the support needed to survive malicious attacks.  The infrastructure will help reduce intrusions, prevent the propagation of intrusions that do occur, provide automated load shifting between servers when an intrusion is detected, and support automated server recovery.  
Approach: The proposed infrastructure consists of two main components:
  • Policy Enforcing Network Interface Cards (PENs) to provide network layer controls
  • Availability and Integrity Controller (AIC)  to manage policy on the PENs and provide recovery and restoration functions.
PENs are network interface cards that have been enhanced to provide additional controls.  They offer the following capabilities:
  • Packet Filtering
  • IPSEC support
  • Network layer audit
  • Dynamic response capability
  • Host independence
  • Central management.
The PEN will apply packet filtering to both incoming and outgoing packets. Thus, even a hostile administrator at the keyboard of a host cannot make connections that violate the PEN policy. This is in contrast with typical networks, where the compromise of one host serves as a launching point for attacks on other hosts. PENs are being developed by SCC on two other DARPA programs, Releasable Data Products Framework (IA) and Autonomic Distributed Firewall (AIA), as well as on a DOE program, High Speed Firewall.

Centralized PEN management is provided by the AIC. It is used to define policies for packet filtering, IPSEC and packet redirection; it acts as the interface to other Intrusion Detection and Response systems; it supports anomaly logging and reporting from the PENs; and it directs the response, recovery and restoration activities when an intrusion occurs. The AIC provides a degree of automated recovery from intrusions. The technology will detect corruption, shunt benign users to a redundant server, attempt to automatically restore the corrupted files on the server, and then bring the restored server back online.

Recent FY-00 Accomplishments: This project is a FY-00 new start that had its kickoff presentation at the July 2000 DARPA Joint PI meeting.
FY-01 Plans: Develop a Concept of Operations, Architecture and Design for the ITSI.
Develop an initial prototype.
Technology Transition: Technology transition will occur via two routes:
  • Making results available to other researchers through
    • Conference papers
    • Collaboration
    • Code sharing
  • Making results available to the DoD through
    • Commercialization
Principal Investigator:
  Name:          Dick O'Brien
  Organization:  Secure Computing Corporation
  Address:       2675 Long Lake Road, Roseville, MN 55113
  Phone:         651-628-2765
  Fax:           651-628-2701
  Email:         obrien@securecomputing.com

Admin Contact:
  Name:          Bill Erbes
  Organization:  Secure Computing Corporation
  Address:       2675 Long Lake Road, Roseville, MN 55113
  Phone:         651-628-2733
  Fax:           651-628-2701
  Email:         erbes@securecomputing.com