Skip to main content
SpringerLink
Log in

Secure System Architecture Based on Dynamic Resource Reallocation

  • Conference paper
Information Security Applications (WISA 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2908))

Included in the following conference series:

Abstract

A secure system architecture using a two-level approach is presented in this paper. At the node level, by means of dynamic resource reallocation within a computing node, the critical services previously selected are to survive even after the occurrence of an attack. If it becomes impossible to find enough resources for the services within the node in spite of the adaptive actions taken at the node level, it moves to the system level. The system level mechanism is to deliver the intended services transparently to the clients even when a node fails by means of inter-node resource reallocation. An architecture adopting diverse redundant computing nodes is proposed for that purpose. Through the experiments on a test-bed, especially, for web services, the approach turned out very effective to cope with not only denial of service attacks but also confidentiality and integrity attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Hiltunen, M.A., et al.: Survivability through Customization and Adaptability: The Cactus Approach. In: DARPA Information Survivability Conference & EXposition, pp. 294–306 (1999) 0-7695-0490-6/99

    Google Scholar 

  2. Moore, A.P.: Attack Modeling for Information Security and Survivability, Technical Node, CMU/SEI-2001-TN-001, CMU (2001)

    Google Scholar 

  3. National Security Agency, Defence Advanced Research Projects Agency, Office of the Assistant Secretary of Defence, Securing the U.S Defence Information Infrastructures: A Proposed Approach, Technical Report (1998)

    Google Scholar 

  4. Pease, M., Shostak, R., Lamport, L.: Reaching Agreement in the Presence of Faults. Journal of the ACM 27/2, 228–234 (1980)

    Article  MathSciNet  Google Scholar 

  5. Randell, B.: Dependability - Unifying Concept. Computer Security, Dependability & Assurance: From Needs to Solutions (1998) ISBN 0-7695-0337-3/99

    Google Scholar 

  6. Reynolds, J., et al.: The Design and Implementation of an Intrusion Tolerant System. In: Proc. of Int’l Conference on Dependable Systems and Networks, Washington D.C., pp. 258–290 (June 2002)

    Google Scholar 

  7. Stavridou, V., et al.: Intrusion Tolerant Software Architectures. In: DARPA Information Survivability Conference & EXposition, Anaheim (June 2001) ISBN 0-7695-1212-7/01

    Google Scholar 

  8. Wang, F., et al.: SITAR: A Scalable Intrusion-Tolerant Architecture for Distributed Services. In: Proc. of 2001 IEEE Workshop on Information Assurance and Security US Military Academy, pp. 38–45, West Point, NY (June 2001)

    Google Scholar 

  9. Wilikens, M., et al.: Defining the European Dependability Initiative. Dependability & Assurance: From Needs to Solutions, Report of the Workshop on Dependability of Critical Systems and Services in the Information Society, Italy (December 1997)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Science and Engineering, University of Incheon, 177, Dohwa-dong, Nam-gu, Incheon, 402-749, Republic of Korea

    Byoung Joon Min & Sung Ki Kim

  2. Korea Information Security Agency, 78, Karak-dong, Songpa-gu, Seoul, 138-160, Republic of Korea

    Joong Sup Choi

Authors
  1. Byoung Joon Min
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sung Ki Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Joong Sup Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Computer Science and Engineering, Ewha Womans University, Korea

    Ki-Joon Chae

  2. Computer Science Department, Google Inc. and Columbia University, 1214 Amsterdam Avenue, NY 10027, New York, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Min, B.J., Kim, S.K., Choi, J.S. (2004). Secure System Architecture Based on Dynamic Resource Reallocation. In: Chae, KJ., Yung, M. (eds) Information Security Applications. WISA 2003. Lecture Notes in Computer Science, vol 2908. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24591-9_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24591-9_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20827-3

  • Online ISBN: 978-3-540-24591-9

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation