ServicenavigationHauptnavigationTrailKarteikarten


Research unit
EU RFP
Project number
99.0166
Project title
MAFTIA: Malicious and accidental-fault tolerance for internet applications

Texts for this project

 GermanFrenchItalianEnglish
Key words
-
-
-
Anzeigen
Alternative project number
-
-
-
Anzeigen
Research programs
-
-
-
Anzeigen
Short description
-
-
-
Anzeigen
Partners and International Organizations
-
-
-
Anzeigen
Abstract
-
-
-
Anzeigen
References in databases
-
-
-
Anzeigen

Inserted texts


CategoryText
Key words
(English)
Fault tolerance; security; attacks; intrusions; cryptography; dependable middleware; intrusion detection; trusted third party; authorization
Alternative project number
(English)
EU project number: IST-1999-11583
Research programs
(English)
EU-programme: 5. Frame Research Programme - 1.2.5 Cross programme
Short description
(English)
See abstract
Partners and International Organizations
(English)
University of Newcastle upon Tyne (UK), Fundacao da Faculdade de Ciencias (P), The Secretary of State for defence acting through the Defence Evaluation and Research Agency (DERA) (UK), Universität des Saarlandes (D), Centre Nastional de la Recherche Scientifique (Délégation Midi-Pyrénées) (CNRS-LAAS) (F)

Abstract
(English)
Project MAFTIA investigates the dependability of distributed applications for very large and heterogeneous user populations; typical examples include electronic commerce, Internet auctions, and the IT infrastructure of large organizations. MAFTIA is primarily interested in systems with high privacy or security demands. Such systems should ideally remain operational, providing the correct, intended service and protecting all confidential information from unauthorized access, even if accidental or malicious faults occur.Accidental faults result typically from hardware outages; coping with them and building reliable, dependable computer systems from unreliable components is relatively well understood today.On the other hand, intrusions and malicious attacks can be viewed as a new kind of 'malicious' fault, which has to be addressed by new methods. In current practice, repairing the effects of a malicious attack and resuming proper operation typically have to be done manually by the system administrators. It is the goal of MAFTIA to remedy this situation by investigating the tolerance paradigm in environments with security demands.Our approach, which we call intrusion-tolerance, complements the traditional paradigm of computer security, which typically aims at preventing intrusions completely, by the paradigms of fault tolerance. For example, most systems using a public-key infrastructure put all trust in one single trusted third party (the certification authority), and if this party fails then security can no longer be guaranteed. Complete protection of a trusted entity is either not practical or prohibitively expensive.MAFTIA aims at developing concepts, methods, and tools for dependable and trusted applications on the Internet, which can cope with accidental faults as well as with malicious attacks. It provides a general architecture for intrusion-tolerant systems, develops protocols for dependable middleware, builds the link to new methods for detecting intrusions, investigates distributed authorization services, and uses formal verification methods to validate its approach.In its second year, MAFTIA has formulated an integrated approach to intrusion tolerance and demonstrated several new key technologies to implement the approach.
References in databases
(English)
Swiss Database: Euro-DB of the
State Secretariat for Education and Research
Hallwylstrasse 4
CH-3003 Berne, Switzerland
Tel. +41 31 322 74 82
Swiss Project-Number: 99.0166