Uma Rede Overlay Tolerante a Intrusões
Resumo
Este artigo apresenta ROTI, uma rede overlay tolerante a intrusões. A ROTI provê segurança para as mensagens e usa protocolos de encaminhamento de pacotes e roteamento tolerantes a faltas bizantinas. Quando da detecção de falhas, a rede overlay pode se reconfigurar, excluindo links faltosos e adicionando nós para preservar a segurança e a disponibilidade da rede.Referências
Y. Amir and C. Danilov. Reliable Communication in Overlay Networks. In Proc. Int’l Conf. on Dependable Systems and Networks, pages 511–520, San Francisco, CA, June 2003.
Y. Amir, C. Danilov, and C. Nita-Rotaru. High Performance, Robust, Secure and Transparent Overlay Network Service. In Proc. Int’l Workshop on Future Directions in Distributed Computing, Bertinoro (Italy), June 2002.
D. G. Andersen, H. Balakrishnan, F. Kaashoek, and R. Morris. Resilient Overlay Networks. In Proc. 18th ACM Symp. on Operating Systems Principles, pages 131–145, Banff, AB (Canada), Oct. 2001.
B. Awerbuch, D. Holmer, C. Nita-Rotaru, and H. Rubens. An On-Demand Secure Routing Protocol Resilient to Byzantine Failures. In Proc. ACM Workshop on Wireless Security, pages 21–30, Atlanta, GA, Sept. 2002.
Y. Deswarte, L. Blain, and J.-C. Fabre. Intrusion Tolerance in Distributed Computing Systems. In Proc. IEEE Symp. on Security and Privacy, pages 110–121, Oakland, CA, 1991.
W. Diffie and M. E. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, IT-22(6):644–654, Nov. 1976.
C. M. Ellison. SPKI Requirements. RFC 2692, Internet Engineering Task Force, Sept. 1999.
C. M. Ellison, B. Frantz, B. W. Lampson, R. L. Rivest, B. Thomas, and T. Ylönen. SPKI Certificate Theory. RFC 2693, Internet Engineering Task Force, Sept. 1999.
J. S. Fraga and D. Powell. A Fault and Intrusion-Tolerant File System. In Proc. 3rd International Congress on Computer Security, pages 203–218, Dublin (Ireland), Aug. 1985.
J. Han, G. R. Malan, and F. Jahanian. Fault-Tolerant Virtual Private Networks within An Autonomous System. In Proc. 21st Symp. on Reliable Distributed Systems, pages 41–50, Suita (Japan), Oct. 2002.
M. A. Hiltunen, R. D. Schlichting, and C. A. Ugarte. Building Survivable Services Using Redundancy and Adaptation. IEEE Transactions on Computers, 52(2):181–194, Feb. 2003.
A. Householder, A. Manion, L. Pesante, G. M. Weaver, and R. Thomas. Managing the Threat of Denial-of-Service Attacks. CERT Coordination Center, Oct. 2001.
Y.-C. Hu, A. Perrig, and D. B. Johnson. Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks. In Proc. 8th Annual Int’l Conf. on Mobile Computing and Networking, pages 12–23, Atlanta, GA, Sept. 2002.
A. D. Keromytis, V. Misra, and D. Rub enstein. SOS: Secure Overlay Services. In Proc. ACM SIGCOMM Conf., pages 61–72, Pittsburgh, PA, Aug. 2002.
P. Papadimitratos and Z. J. Haas. Securing the Internet Routing Infrastructure. IEEE Communications Magazine, 40(10):60–68, Oct. 2002.
R. J. Perlman. Network Layer Protocols with Byzantine Robustness. PhD thesis, Massachusetts Institute of Technology, Cambridge, MA, Jan. 1988.
P. Veríssimo, N. F. Neves, and M. Correia. Intrusion-Tolerant Architectures: Concepts and Design. DI/FCUL TR 03-05, Department of Informatics, University of Lisbon, Apr. 2003.
Y. Amir, C. Danilov, and C. Nita-Rotaru. High Performance, Robust, Secure and Transparent Overlay Network Service. In Proc. Int’l Workshop on Future Directions in Distributed Computing, Bertinoro (Italy), June 2002.
D. G. Andersen, H. Balakrishnan, F. Kaashoek, and R. Morris. Resilient Overlay Networks. In Proc. 18th ACM Symp. on Operating Systems Principles, pages 131–145, Banff, AB (Canada), Oct. 2001.
B. Awerbuch, D. Holmer, C. Nita-Rotaru, and H. Rubens. An On-Demand Secure Routing Protocol Resilient to Byzantine Failures. In Proc. ACM Workshop on Wireless Security, pages 21–30, Atlanta, GA, Sept. 2002.
Y. Deswarte, L. Blain, and J.-C. Fabre. Intrusion Tolerance in Distributed Computing Systems. In Proc. IEEE Symp. on Security and Privacy, pages 110–121, Oakland, CA, 1991.
W. Diffie and M. E. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, IT-22(6):644–654, Nov. 1976.
C. M. Ellison. SPKI Requirements. RFC 2692, Internet Engineering Task Force, Sept. 1999.
C. M. Ellison, B. Frantz, B. W. Lampson, R. L. Rivest, B. Thomas, and T. Ylönen. SPKI Certificate Theory. RFC 2693, Internet Engineering Task Force, Sept. 1999.
J. S. Fraga and D. Powell. A Fault and Intrusion-Tolerant File System. In Proc. 3rd International Congress on Computer Security, pages 203–218, Dublin (Ireland), Aug. 1985.
J. Han, G. R. Malan, and F. Jahanian. Fault-Tolerant Virtual Private Networks within An Autonomous System. In Proc. 21st Symp. on Reliable Distributed Systems, pages 41–50, Suita (Japan), Oct. 2002.
M. A. Hiltunen, R. D. Schlichting, and C. A. Ugarte. Building Survivable Services Using Redundancy and Adaptation. IEEE Transactions on Computers, 52(2):181–194, Feb. 2003.
A. Householder, A. Manion, L. Pesante, G. M. Weaver, and R. Thomas. Managing the Threat of Denial-of-Service Attacks. CERT Coordination Center, Oct. 2001.
Y.-C. Hu, A. Perrig, and D. B. Johnson. Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks. In Proc. 8th Annual Int’l Conf. on Mobile Computing and Networking, pages 12–23, Atlanta, GA, Sept. 2002.
A. D. Keromytis, V. Misra, and D. Rub enstein. SOS: Secure Overlay Services. In Proc. ACM SIGCOMM Conf., pages 61–72, Pittsburgh, PA, Aug. 2002.
P. Papadimitratos and Z. J. Haas. Securing the Internet Routing Infrastructure. IEEE Communications Magazine, 40(10):60–68, Oct. 2002.
R. J. Perlman. Network Layer Protocols with Byzantine Robustness. PhD thesis, Massachusetts Institute of Technology, Cambridge, MA, Jan. 1988.
P. Veríssimo, N. F. Neves, and M. Correia. Intrusion-Tolerant Architectures: Concepts and Design. DI/FCUL TR 03-05, Department of Informatics, University of Lisbon, Apr. 2003.
Publicado
10/05/2004
Como Citar
OBELHEIRO, Rafael R.; FRAGA, Joni da Silva.
Uma Rede Overlay Tolerante a Intrusões. In: WORKSHOP DE TESTES E TOLERÂNCIA A FALHAS (WTF), 5. , 2004, Gramado/RS.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2004
.
p. 85-96.
ISSN 2595-2684.
DOI: https://doi.org/10.5753/wtf.2004.23382.