Building intrusion tolerant applications
Authors: T. Wu, M. Malkin, and D. Boneh
Abstract:
The ITTC project provides tools and an infrastructure for building
intrusion tolerant applications.
Rather than prevent intrusions or detect them after the fact, the ITTC
system ensures that the compromise of a few system components does not
compromise total system security. Our designs are intended to simplify
the integration of ITTC into existing applications. We give examples
of embedding ITTC into the Apache web server and into a Certification
Authority (CA).
Reference:
In proceedings of the 8th USENIX Security Symposium, pp. 79--91, 1999
Full paper: PostScript, PDF [first posted 7/1999 ]
Related papers:
See our related work on experimenting with
distributed RSA key generation.
ITTC Project Home Page.