Defense-enabling using advanced middleware-an example

Abstract

Many intrusions into computer systems target specific applications with an intent; to stop them from functioning properly. The traditional security engineering approach attempts to secure the infrastructure: the hardware, the network and operating system, with the goal of preventing such attacks getting through to any application running on these platforms. We propose a. complementary approach that aims to ensure the applications' continued ability to provide useful service despite the ongoing attack(s). This approach, called defense-enabling, uses an adaptive middleware to coordinate services of multiple mechanisms that are not normally part of the application's functional objectives. Defense-enabling an application involves focusing on a set of attacks, developing a strategy to defend against these attacks and systematically incorporating the strategy in the application. The topic of this paper is the technology underlying the concept. We show how services of various mechanisms, organized and coordinated by an adaptive middleware, support the implementation of an application's defense strategy. We believe that the increased resilience obtained by defense-enabling would be significant for critical military applications.