MAFTIA Expression of Interest for DEFINE and DESIRE
Presented by Robert Stroud, University of Newcastle upon Tyne

Project members
- Robert Stroud, Peter Ryan, University of Newcastle upon Tyne
- David Powell, Yves Deswarte, CNRS-LAAS
- Paulo Veríssimo, Nuno Neves, University of Lisboa
- Andreas Wespi, Christian Cachin, IBM Research, Zurich
- Sadie Creese, QinetiQ
- Andre Adelsbach, Christian Stüble, University of Saarland
Added value
- MAFTIA has been described as "uniquely synergistic"
- The consortium brings together experts from many different communities: fault tolerance, distributed computing, computer security, intrusion detection and cryptography
- Each community has its own terminology, and this is sometimes a source of confusion:
  - Attack vs intrusion
  - Trusted vs trustworthy
- Dependability concepts can be used to clarify these issues
Project Objectives
- The goal of MAFTIA was to investigate the 'tolerance' paradigm for security systematically
- Work has focused on three main areas:
  - The architecture of MAFTIA: providing a framework that ensures the dependability of distributed applications in the face of a wide class of faults and attacks
  - The design of mechanisms and protocols: providing the required building blocks to implement large-scale dependable applications
  - The formal assessment of our work: rigorously defining the basic concepts developed by MAFTIA and verifying the results of the work on dependable middleware
- MAFTIA has made significant progress in each of these areas, and is seen as a leader in the field of intrusion tolerance by DARPA projects working in the same area
MAFTIA contributions to DESIRE
- Trusted System Components: how to construct trustworthy system building blocks with carefully defined failure modes
- Intrusion Tolerant Protocols and Services: use of hybrid failure models, extending and generalising existing MAFTIA results on group communication
- Reliable Intrusion Detection Systems: improving the accuracy of existing IDSs, making them intrusion tolerant, and using them for error detection and recovery
- Case Studies: industrial applications of MAFTIA's existing results
MAFTIA contributions to DEFINE
- Intrusion Tolerance Concepts: trust models and security policies for ubiquitous computing
- Architectural Frameworks: acceptable availability under attack, dynamic adaptation to environmental changes
- Application Level Intrusion Detection: lightweight targeted IDS, integration with application-level error recovery in a workflow system
- Intrusion Tolerant Authorisation Schemes: extending MAFTIA's existing work to deal with mobile hosts and ad hoc networks, integration with transactional workflows
- Verification and Assessment: tools and techniques to support vulnerability forecasting and vulnerability removal, security cases, attack trees