Robust intrusion tolerance in information systems
Intrusions exploit vulnerabilities and introduce external disturbances into information systems to compromise security attributes of information systems such as availability, integrity, and confidentiality. Intrusions into information systems cause faults of software and hardware components in information systems, which then lead to errors and failures of system performance. Intrusion tolerance requires information systems to function correctly in a timely manner even under impact of intrusions. In this paper, we discuss causes, chain effects and barriers of intrusions into information systems, and reveal roles that various information security techniques play in intrusion tolerance. We present two robust intrusion tolerance methods through fault masking: Taguchi's robust method for system configuration and sharing of resources via an information infrastructure for redundancy.