Intrusion Tolerant Middleware

Increased reliance of applications on the software infrastructure to support distributed operations is creating new intrusion threats. In particular, there is a growing but largely unnoticed intrusion threat due to the emerging middleware technologies such as CORBA, WAP, XML support, enterprise application integrators, and Internet telephony middleware. The situation is grave because the emerging middleware technologies are relatively immature but have a high potential of use in the current and future civilian and military systems. This paper shows a practical analysis of the intrusion threats introduced due to the increased reliance of current and future mission critical applications on emerging middleware. A great deal of effort is needed to f i l l the gap between where we are and where we need to be. In particular, a technique, called FRS (fragmentation, redundancy, scattering), needs particular attention because it is central to intrusion tolerance. An important area of work is to improve FRS and imbed it in existing middleware platforms. Work in developing an Intelligent Compensating Middleware (ICM) that includes FRS as a compensating feature for existing COTS middleware is discussed. This research is being conducted at Telcordia Technologies under the ICM (Intelligent Compensating Middleware) project, funded by DARPA (BAA0015). Initial results from this project are included.