Building intrusion tolerant applicationsAuthors: T. Wu, M. Malkin, and D. Boneh
The ITTC project provides tools and an infrastructure for building intrusion tolerant applications. Rather than prevent intrusions or detect them after the fact, the ITTC system ensures that the compromise of a few system components does not compromise total system security. Our designs are intended to simplify the integration of ITTC into existing applications. We give examples of embedding ITTC into the Apache web server and into a Certification Authority (CA).
In proceedings of the 8th USENIX Security Symposium, pp. 79--91, 1999