Partha P. Pal

Using QDL to specify QoS aware distributed (QuO) application configuration

Recent work in opening up distributed object systems to make them suitable for applications needing quality of service control has had the side effect of increasing the complexity in setting up, configuring, and initializing such applications. Configuration of distributed applications is more complicated than that of non-distributed applications, simply because of the heterogeneous and distributed nature of the applications components. CORBA and other distributed object middleware simplifies the configuration of distributed object applications, but hides much of the information and control necessary to achieve quality of service (QoS). We describe the techniques and tools that we have developed within our Quality Objects (QuO) framework for simplifying the configuration of distributed applications with QoS attributes. We describe a QuO configuration language, as well as the specific configuration needs of particular QoS properties-real-time, security, and dependability-and the support we provide for them.

Model-based validation of an intrusion-tolerant information system

An increasing number of computer systems are designed to be distributed across both local and wide-area networks, performing a multitude of critical information-sharing and computational tasks. Malicious attacks on such systems are a growing concern, where attackers typically seek to degrade quality of service by intrusions that exploit vulnerabilities in networks, operating systems, and application software. Accordingly, designers are seeking improved techniques for validating such systems with respect to specified survivability requirements. In this regard, we describe a model-based validation effort that was undertaken as part of a unified approach to validating a networked intrusion-tolerant information system. Model-based results were used to guide the systems design as well as to determine whether a given survivability requirement was satisfied.

Comparing and contrasting adaptive middleware support in wide-area and embedded distributed object applications

The Quality Objects (QuO) middleware is a set of extensions to standard distributed object computing middleware that is used to control and adapt the quality of service in a number of distributed application environments, from wide-area to embedded distributed applications. This paper compares and contrasts the characteristics of key use cases and the variations in QuO implementations that have emerged to support them. We present these variations in the context of several actual applications being developed using the QuO middleware.

Adaptive cyberdefense for survival and intrusion tolerance

While providing some resistance against cyberattacks, current approaches to securing networked and distributed information systems are mainly concerned with static prevention measures. For example, signature-based systems can only detect known attacks and tend to provide brittle, all-or-nothing protection. New work in survivability and intrusion tolerance focuses on augmenting existing information systems with adaptive defenses. A middleware-based survivability toolkit lets applications use network-and host-based mechanisms in their own defense.

Survivability architecture of a mission critical system: the DPASA example

Many techniques and mechanisms exist today, some COTS, others less mature research products that can be used to deflect, detect, or even recover from specific types of cyber attacks. None of them individually is sufficient to provide an all around defense for a mission critical distributed system. A mission critical system must operate despite sustained attacks throughout the mission cycle, which in the case of military systems, can range from hours to days. A comprehensive survivability architecture, where individual security tools and defense mechanisms are used as building blocks, is required to achieve this level of survivability. We have recently designed a survivability architecture, which combined elements of protection, detection, and adaptive reaction; and applied it to a DoD information system. The resulting defense-enabled system was first evaluated internally, and then deployed for external Red Team exercise. In this paper we describe the survivability architecture of the system, and explain the rationale that motivated the design

Law-governed regularities in object systems. Part 2: a concrete implementation

Regularities, or the conformity to unifying principles, are essential to the comprehensibility, manageability, and reliability of large software systems and should, therefore, be considered an important element of their architecture. But the inherent globality of regularities makes them very hard to implement in traditional methods. We have argued in a previously published companion paper that this difficulty can be alleviated by means of law-governed architecture (LGA), under which a system designer can establish a desired regularity (of a certain kind) simply by declaring it formally and explicitly as the law of the system. Once such a law-governed regularity is declared, it is enforced by the environment in which the system is developed. This paper discusses the application of LGA to traditional, class-based, object-oriented languages, using the Eiffel language for specificity. We introduce here the formalism for specifying laws that govern systems written in this language, and give a sample of regularities that can be efficiently established by such laws. As a case study, we show how one can establish a kernelized architecture suitable for the construction of critical embedded software, such as the software embedded in an intensive care unit.

Open implementation toolkit for building survivable applications

We consider two aspects of survivability namely survival by adaptation and survival by protection. We show how the quality objects (QuO) distributed adaptive middleware framework enables us to introduce these aspects of survivability in a flexible and systematic manner. We describe a toolkit for developing adaptive applications and demonstrate how more survivable applications can be built using the toolkit.

Building auto-adaptive distributed applications: the QuO-APOD experience

Exploiting autonomic adaptation in defending a distributed application is a relatively new research area. We describe how the QuO adaptive middleware was used to implement auto-adaptive defenses ranging from simple rapid response sensor-actuator tactics to more sophisticated containment and outrun strategies. In addition, we report on two experiments where live red team attacks were used to evaluate our auto-adaptive defense technology.

Attribute-Based Prevention of Phishing Attacks

This paper describes a set of innovative attribute based checks for defending against phishing attacks. We explain a number of anti-phishing algorithms implemented as plugins and highlight which attributes of phishing sites they consider.To assess the effectiveness and applicability of this prototype,we performed extensive experimental testing. We present a fully automated crawling framework that we developed for testing,along with the main experimental results.

An architecture for adaptive intrusion‐tolerant applications

Applications that are part of a mission‐critical information system need to maintain a usable level of key services through ongoing cyber‐attacks. In addition to the well‐publicized denial of service (DoS) attacks, these networked and distributed applications are increasingly threatened by sophisticated attacks that attempt to corrupt system components and violate service integrity. While various approaches have been explored to deal with DoS attacks, corruption‐inducing attacks remain largely unaddressed. We have developed a collection of mechanisms based on redundancy, Byzantine fault tolerance, and adaptive middleware that help distributed, object‐based applications tolerate corruption‐inducing attacks. In this paper, we present the ITUA architecture, which integrates these mechanisms in a framework for auto‐adaptive intrusion‐tolerant systems, and we describe our experience in using the technology to defend a critical application that is part of a larger avionics system as an example. We also motivate the adaptive responses that are key to intrusion tolerance, and explain the use of the ITUA architecture to support them in an architectural framework. Copyright