USENIX Technical Program - Abstract - Security Symposium 99

USENIX Technical Program - Abstract - Security Symposium 99

Building Intrusion Tolerant Applications

Thomas Wu, Michael Malkin, and Dan Boneh, Stanford University

Abstract

The ITTC project (Intrusion Tolerance via Threshold Cryptography) provides tools and an infrastructure for building intrusion tolerant applications. Rather than prevent intrustions or detect them after the fact, the ITTC system ensures that the compromise of a few system components does not compromise sensitive security information. To do so we protect cryptographic keys by distributing them across a few servers. The keys are never reconstructed at a single location. Our designs are intended to simplify the integration of ITTC into existing applications. We give examples of embedding ITTC into the Apache web server and into a Certification Authority (CA). Performance measurements on both the modified web server and the modified CA show that the architecture works and performs well.

View the full text of this paper in PDF form and PostScript form.
If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
To become a USENIX Member, please see our Membership Information.

Need help? Use our Contacts page.

Last changed: 20 Nov. 2006 jel

Technical Program

Conference index

USENIX home