The ultimate goal of a computer security solution is to maximize the availability of the system it protects. Towards this goal, most past research focused on in-creasing the mean time between security breaches by improving methods to de-tect and prevent attacks. However, there is another alternative, which is the approach that the Repairable Data System (RDS) project takes: reduce the time required to restore a system back to normal order after it is compromised. More specifically, a repairable data system can quickly restart itself after an intrusion and eliminate those and only those side effects directly or indirectly left by the intrusion.
The key design issues in building repairable data systems are (1) how to log all updates so that every update is undoable, and (2) how to track the dependen-cies among updates so that all the updates affected by an attack can be identi-fied and erased. The RDS project develops novel techniques to solve these two problems in the context of network file servers and relational DBMS servers. The main result of this project is expected to be a reusable implementation framework for adding a fast repair mechanism to existing network file servers and DBMS servers without requiring any modifications to their internals The fast repair mechanism added drastically shortens the time taken by and im-proves the accuracy of the post-intrusion repair process. Therefore, this tech-nology renders existing information systems intrusion-tolerant in that the im-pact of an intrusion is diminished to the point of a transient system outage. All the software resulting from this project will be published in the SourceForge web site for dissemination.
Dr. Brett D. Fleisch Program Director, CISE/CNS June 30, 2004 .
