Malicious- and Accidental-Fault Tolerance for Internet Applications
IST Research Project IST-
1 January 2000 - 28 February 2003

Check out a summary of the project, or browse through the original project proposal.

MAFTIA involved experts from 5 countries and 6 organisations. The Industrial Advisory Board provided valuable feedback on the work of the project.

Research was organised into six workpackages.

Find out more about the key scientific results and achievements, and the benefits of this research collaboration.




Conceptual Model and Architecture
WP1 concentrated on the Conceptual Model and Architecture of attack tolerance.


Dependable Middleware
WP2 developed a modular and scalable cryptographic group-oriented middleware suite.


Intrusion Detection
WP3 investigated ways of reducing the high rate of false positives and false negatives for existing Intrusion Detection Systems (IDSs), whilst making the IDS itself intrusion-tolerant.


Trusted Third Parties
WP4 designed a generic architecture for dependable Trusted Third Party (TTP) services based on results from WP2.



Distributed Authorisation
In WP5, we defined a framework for access control and authorisation.



Verification and Assessment
WP6 worked towards formalisation of the MAFTIA conceptual model.

Description of the Work

Research was structured into six technical workpackages (WP). The output of each workpackage takes the form of deliverables. These include prototype implementations and demonstrations, as well as technical papers and reports.

There were three main areas of work: concepts and architecture, mechanisms and protocols, and verification and assessment.

Conceptual Model and Architecture

WP1 developed a conceptual model and architecture for intrusion-tolerant systems. The core dependability concepts were refined with respect to malicious faults, and an integrated framework for combining intrusion detection with intrusion tolerance was developed.

Dependable Middleware

WP2 developed a modular and scalable cryptographic group-oriented middleware suite, suitable for supporting reliable multi-party interactions under partial synchrony models and subject to malicious as well as accidental faults.

We also developed a framework for building intrusion-tolerant transactional systems that are as resilient to attacks as they are to accidental faults.

Intrusion Detection

WP3 investigated ways of reducing the high rate of false positives and false negatives for existing Intrusion Detection Systems (IDSs), whilst making the IDS itself intrusion-tolerant.

Trusted Third Parties

In WP4 we designed a generic architecture for dependable Trusted Third Party (TTP) services based on results from WP2.

We specified the services that the TTP needed to provide, then implemented the protocols in a first prototype.

Distributed Authorisation

In WP5 we defined a framework for access control and authorisation in a distributed environment where the access control decision is distributed among parties that might not trust each other completely.

We designed and prototyped flexible authorisation schemes, adapted to multi-party transactions.

Verification and Assessment

WP6 worked towards formalisation of the MAFTIA conceptual model. It employed existing methods and tools to assess new MAFTIA mechanisms, and developed a novel combination of existing approaches to the validation of cryptographic mechanisms.