An Architecture for Self-Protecting Autonomic Systems
作者: Michael Jarrett
DOI:
关键词: Layer (object-oriented design) 、 IBM 、 Intrusion detection system 、 Implementation 、 Context (language use) 、 Information technology 、 Computer science 、 Autonomic computing 、 Security policy 、 Computer security
摘要: Autonomic computing is the concept of designing complex information technology environments with ability to perform management tasks on their own without human support. These systems have been defined by self-configure, self-optimize, self-heal, and self-protect. Administrators would only be required specify high level requirements system, rather than mundate configuration individual componts, greatly reducing for administration large systems. Self-protection refers an autonomic system secure itself against intrusions, react protect when it detects that intruder has successfully circumvented security policy system. While many elements such abilities exist, very little research performed how one combine these create meet this criteria self-protection. A structure proposed mapping responsibilities a fulfil onto basic architecture as described IBM. This hierarchy divided up into three layers. The highest layer deals inputs from administrators themselves, both generic system-wide policy, policies inherent in each application run middle translates applicable collections coordinates actions at bottom layer. In reside provide services are ultimately responsible detecting responding intrusions. Many components currently researched years, specification, intrusion detection systems, rational agents. Other components, response technologies, more recent topics, not often explored context computing. It environment designed allow experimentation structures. could based future release technology, new created using existing distributed communication or simulation experimental purposes. Once available, can done structures components. One interesting area response, specifically through diversity approach; where respond threats replacing differing implementations.
lownewulf.com 参考文章(15)
Dominique Alessandri, Towards a Taxonomy of Intrusion Detection Systems and Attacks ,(2001)
Mary Shaw, "Self-Healing": Softening Precision to Avoid Brittleness ,(2002)
Massimo Marchiori, Lorrie Cranor, Marc Langheinrich, Martin Presler-Marshall, Joseph Reagle, The platform for privacy preferences 1.0 (p3p1.0) specification W3C Recommendation. ,(2002)
A. G. Ganek, T. A. Corbi, The dawning of the autonomic computing era Ibm Systems Journal. ,vol. 42, pp. 5- 18 ,(2003) , 10.1147/SJ.421.0005
Hervé Debar, Marc Dacier, Andreas Wespi, Towards a taxonomy of intrusion-detection systems Computer Networks. ,vol. 31, pp. 805- 822 ,(1999) , 10.1016/S1389-1286(98)00017-6
Suresh N. Chari, Pau-Chen Cheng, BlueBoX ACM Transactions on Information and System Security. ,vol. 6, pp. 173- 200 ,(2003) , 10.1145/762476.762477
Steven A. Hofmeyr, Stephanie Forrest, Architecture for an Artificial Immune System Evolutionary Computation. ,vol. 8, pp. 443- 473 ,(2000) , 10.1162/106365600568257
George Candea, James Cutler, Armando Fox, Rushabh Doshi, Priyank Garg, Rakesh Gowda, None, Reducing recovery time in a small recursively restartable system dependable systems and networks. pp. 605- 614 ,(2002) , 10.1109/DSN.2002.1029006
V.A. Ha, D.J. Musliner, Balancing safety against performance: tradeoffs in Internet security hawaii international conference on system sciences. pp. 205- ,(2003) , 10.1109/HICSS.2003.1174465
S. Forrest, A. Somayaji, D.H. Ackley, Building diverse computer systems Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133). pp. 67- 72 ,(1997) , 10.1109/HOTOS.1997.595185