Skip to Main content Skip to Navigation

Conception et réalisation d'une architecture tolérant les intrusions pour des serveurs internet

Ayda Saidane 1
1 LAAS-TSF - Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique
LAAS - Laboratoire d'analyse et d'architecture des systèmes
Abstract : The connection of critical systems to the Internet is raising serious security problems, since the conventional protection techniques are rather inefficient in this new context. This thesis proposes a generic architecture for intrusion tolerant Internet servers. This architecture is based on redundancy and diversification principles, in order to increase the system resilience to attacks: usually, an attack is targeted at a particular software, running on a particular platform, and fails on others. The architecture is composed of redundant tolerance proxies that mediate client requests to a redundant bank of diversified application servers (COTS). The redundancy is deployed here to increase the availability and integrity of the system. To improve its performance, we have introduced the notion of adaptive redundancy: the redundancy level is selected by the proxies according to the current alert level. We present two architecture variants targeting different classes of Internet servers. The first one is proposed for fully static servers such as Web distribution with static content that provide stable information, which can be updated offline. The second architecture is proposed for fully dynamic systems where the updates are executed immediately on the on-line database. We have demonstrated the feasibility of this architecture by implementing an example of an Internet travel agency. The first performance tests are satisfactory, with acceptable request execution times and fast enough recovery after incidents.
Complete list of metadata

Cited literature [51 references]  Display  Hide  Download
Contributor : Emilie Marchand <>
Submitted on : Monday, June 27, 2005 - 4:57:22 PM
Last modification on : Thursday, June 10, 2021 - 3:06:56 AM
Long-term archiving on: : Friday, September 14, 2012 - 1:25:32 PM


  • HAL Id : tel-00009600, version 1


Ayda Saidane. Conception et réalisation d'une architecture tolérant les intrusions pour des serveurs internet. Réseaux et télécommunications [cs.NI]. INSA de Toulouse, 2005. Français. ⟨tel-00009600⟩



Record views


Files downloads