Security and survivability of distributed systems: an overview

Society is growing increasingly dependent upon large-scale, highly distributed systems that operate in unbounded network environments, which, like the Internet, have no central administrative control and no unified security policy. Despite the best efforts of security practitioners, no amount of system hardening can assure that a system that is connected to an unbounded network will be invulnerable to attack. The discipline of network survivability and security can help ensure that such systems can deliver essential services and maintain essential properties such as integrity, confidentiality and performance, despite the presence of intrusion. Unlike traditional security policies, which require, for instance, central control or administration, survivability is intended to address unbounded network environments. Furthermore, since survivability requires robustness under conditions of intrusion, failure, or accident, it includes the concept of fault tolerance. This paper formulates the basic issues to be solved in this new field, discusses and comments on some current solution concepts, and finally outlines the most challenging future research avenues.