Applications That Participate in Their Own Defense (APOD)

Abstract

The goal of the APOD project was to give software applications an increased resistance against malicious attack even when they run in an environment that is not completely secured. We call any such application "defense enabled". Note that defense enabling is less ambitious than building a secure system: rather than protect the entire system, defense enabling concentrates on the survival and integrity of essential applications, possibly sacrificing other parts of the system to the attacker. Defense enabling also gives priority to some security properties over others: we are much more concerned with defending the integrity of an application's data than its confidentiality. Defense enabling is representation of a relatively recent trend in computer security, often called survivability or 3rd generation security. Several factors distinguish the APOD approach to survivability from others. First, dynamic adaption is a key theme of our approach. Intrusions cause changes in the system, and a survivable system much cope with these changes. As a consequence, defense enabled applications must be very agile and will make use of the flexibility possible in today's dynamic, networked environments. Second, a defense enabled application has a defense strategy that is typically application an mission specific. Such strategies complement and go beyond traditional approaches to security in which protection mechanisms are typically not aware of the applications they aim to protect. Third, defense enabling builds the defense in middleware, intermediate between the application and the networks and operating systems on which the application runs. Defense strategies implemented in middleware can be reused relatively easily in the context of other applications because they are only loosely coupled to the application.

Document Details

Document Type

Technical Report

Publication Date

May 01, 2003

Accession Number

ADA415561

Entities

Tags