摘要
该文提出了一种基于多代理(Agent)技术的容忍入侵体系结构。通过在系统组件中引入一定的冗余度,将冗余和多样性技术相结合,利用门限秘密共享技术将秘密信息分布于多个系统组件上来达到容忍入侵的目的。通过分布在每个服务器上的多个代理,建立一个容忍入侵的安全内核,重要信息通过安全内核来传递,保证系统关键部件为合法用户提供连续和可靠的基本服务。该方案采用系统整体安全策略,将容忍入侵与多代理的入侵检测相结合,使系统具有更好的实用性和可生存性。
This paper proposes a framework model of intrusion-tolerant system based on multi-agents.The model is built by the techniques of both redundancy and diversity and it comprises functionally redundant COTS application servers running on diverse operating systems and platforms ,hardened intrusion -tolerance proxies that mediate client requests and verify the behavior of servers.The application servers use threshold schemes to protect confidential data from compromised servers.In the model,each server contains any number of agents that monitor interesting events occurring in the server.Each agent comprises a security kernel,through which important information is transmitted.This security kernel can provide a small set of basic secure services to legitimate clients in the presence of intrusions.The approach combines intrusion tolerance with intrusion detection based on multi -agents to realize availability and survivability of a system.
出处
《计算机工程与应用》
CSCD
北大核心
2003年第11期19-21,共3页
Computer Engineering and Applications
基金
国家自然科学基金资助项目(编号:90204012)
关键词
代理
容忍入侵
入侵检测
Agent ,Intrusion-tolerant ,Intrusion-detection
