DESIGN AND IMPLEMENTATION OF AN INTRUSION TOLERANT SYSTEM

0
771

ABSTRACT

        The advancement of computers produce computing infrastructures which handle resources in a more efficient way, and a business model for selling computing resources and services. On the other hand, such complex and distributed architectures becomes an attractive target for intruders. Cloud and distributed computing offers great potential to improve productivity and reduce costs, but at the same time it possesses many new security risks. Some Intrusion Detection Systems (IDS) have been used widely to detect malicious behaviors in network communication and hosts, but these traditional intrusion detection system are not flexible in providing guaranteed security especially in distributed computing because of the architecture of the computing. This paper presents the use of RSA (Rivest–Shamir–Adleman) cryptosystem to effectively detect and prevent intrusion in a computer system. In this cryptosystem, the encryption key is public and it is different from the decryption key which is kept secret (private). This ensures maximum security.

CHAPTER ONE

INTRODUCTION

1.1    INTRODUCTION

Most current information systems are connected to the Internet for efficiency and convenience. However, the growth of accessibility makes the systems vulnerable to attackers. A web server is a program that runs over the Hyper Text Transfer Protocol which has client-server mode to serve clients with files and other details which are stored on the server. The web server is currently the most widely deployed type of distributed data server. Every computer on the internet that contains a website must have a web server program. Web servers are providing dynamic contents rather than static ones which have opened up many security flaws.With the development and scope of cloud computing, there is a tremendous shift in the web hosting industries. Most users prefer a server in the cloud due to ease of maintenance and low cost of infrastructure thus there is a great need to ensure the integrity and confidentiality of the systems we use. For this reason, many studies have been conducted in order to improve security of information systems. To protect the private keys of web servers and certificate authority, (Boneh et al, 1999) shared the keys among a number of share servers.