th Workshop on Recent Advances in Intrusion - Tolerant Systems

Design and operational vulnerabilities are accepted as inevitable in today's complex computer systems. The dis­ tributed and networked nature of the systems that are cur­ rently in use and being developed facilitate discovery and exploitation of these flaws in increasingly new and easier ways. Intrusion Tolerance acknowledges that it is impos­ sible to completely prevent attacks and intrusions, and that it is often impossible to accurately detect the act of intru­ sion and stop it early enough. Intrusion Tolerance research therefore aims to develop technologies that enable computer systems to continue to operate correctly despite attacks, and deny the attacker/intruder the success they seek. For in­ stance, an intrusion-tolerant system may suffer partial loss of service or resources due to the attack, but it will continue to provide critical services in a degraded mode or trigger au­ tomatic mechanisms to regain and recover the compromised services and resources. Similar goals are being pursued in Survivability, Byzantine Fault Tolerance, Self-regenerative and Autonomic Systems. The idea of tolerating intrusions gained prominence dur­ ing the late 1990s and early 2000s. Major research ef­ forts led to the development of several intrusion-tolerant algorithms and architectures. It is now possible to grasp the fundamental principles of building practical intrusion­ tolerant systems, the issues underlying the validation and acceptance/certification of intrusion-tolerant systems, and also the continued effective and intelligent management and operation of such systems once they are put in operation. Despite significant progress, most modern systems are still not built as intrusion-tolerant systems. There are a number of reasons for this ranging from a false sense of security, such as lack of understanding of the risk, absence of any major cyber-disaster that is publicly acknowledged, the continued and fast paced innovation in information and software construction technologies, and the perception that Intrusion Tolerance is expensive. Combined with changing technology landscape, Intru­ sion Tolerance is a moving target that also needs to accom-