4th workshop on recent advances in intrusion-tolerant systems WRAITS 2010

Design and operational vulnerabilities are accepted as inevitable in today’s complex computer systems. The distributed and networked nature of the systems that are currently in use and being developed facilitate discovery and exploitation of these flaws in increasingly new and easier ways. Intrusion Tolerance acknowledges that it is impossible to completely prevent attacks and intrusions, and that it is often impossible to accurately detect the act of intrusion and stop it early enough. Intrusion Tolerance research therefore aims to develop technologies that enable computer systems to continue to operate correctly despite attacks, and deny the attacker/intruder the success they seek. For instance, an intrusion-tolerant system may suffer partial loss of service or resources due to the attack, but it will continue to provide critical services in a degraded mode or trigger automatic mechanisms to regain and recover the compromised services and resources. Similar goals are being pursued in Survivability, Byzantine Fault Tolerance, Self-regenerative and Autonomic Systems. The idea of tolerating intrusions gained prominence during the late 1990s and early 2000s. Major research efforts led to the development of several intrusion-tolerant algorithms and architectures. It is now possible to grasp the fundamental principles of building practical intrusiontolerant systems, the issues underlying the validation and acceptance/certification of intrusion-tolerant systems, and also the continued effective and intelligent management and operation of such systems once they are put in operation. Despite significant progress, most modern systems are still not built as intrusion-tolerant systems. There are a number of reasons for this ranging from a false sense of security, such as lack of understanding of the risk, absence of any major cyber-disaster that is publicly acknowledged, the continued and fast paced innovation in information and software construction technologies, and the perception that Intrusion Tolerance is expensive. Combined with changing technology landscape, Intrusion Tolerance is a moving target that also needs to accommodate and adapt to changes. Unlike fault tolerance, Intrusion Tolerance faces an intelligent adversary who can adapt and evolve as the system adapts and recovers. New technologies make older solutions obsolete and introduce new vulnerabilities. How to make Intrusion Tolerance an integral part of the software engineering of modern information systems? What can be done to make system developers and architects more comfortable and confident about Intrusion Tolerance technologies? How to continue to stay ahead of the increasingly sophisticated adversaries? How to enlighten and empower the practitioners to navigate the ever-changing technology landscape so that they can build systems that can be trusted, and can operate through attacks? The 4th Workshop on Recent Advances in IntrusionTolerant Systems, held in conjunction with DSN 2010, aims to provide the researchers and practitioners an intimate venue to discuss and collaborate on ground-breaking new ideas and fresh results on such issues.