Intrusion Tolerant Software Architectures  by Dr. Bruno Dutertre, Robert Riemenschneider, Dr. Hassen Saïdi & Victoria Stavridou. May, 2001. Abstract The complexity of the software systems built today virtually guarantees the existence of security vulnerabilities. When the existence of specific vulnerabilities becomes known --- typically as a result of detecting a successful attack --- intrusion prevention techniques such as firewalls and anti-virus software seek to prevent future attackers from exploiting these vulnerabilities. However, vulnerabilities cannot be totally eliminated, their existence is not always known and preventing mechanisms cannot always be built. \emph{Intrusion tolerance} is a new concept, a new design paradigm, and potentially a new capability for dealing with residual security vulnerabilities. In this article we describe our initial exploration of the hypothesis that intrusion tolerance is best designed and enforced at the software architecture level. BibTEX Entry @article{OASIS-006_Riemenschneider, AUTHOR = {Victoria Stavridou and Bruno Dutertre and {R.} {A.} Riemenschneider and Hassen Sa"\backslashidi}, TITLE = {Intrusion Tolerant Software Architectures}, YEAR = {2001}, MONTH = {May}, URL = {http://www.csl.sri.com/papers/oasis-006_riemenschneider/} } Files