Security Evaluation of Layered Intrusion Tolerant Systems

This paper constructs a stochastic model of a layered system to analyze its security measures. It discusses evaluation of availability and integrity as two major security properties of a three-layered Architecture consisting of Client, Web-server, and Database. Using Mobius software, this study models the change in vulnerability of a layer owing to an intrusion in another layer. Furthermore, it analyzes the impact on the security of the upper layers due to an intrusion in a lower layer. While maintaining a system availability of 97.73%, this study indicates that increasing the host attack rate in the Database layer from 10 to 20 will reduce system availability to 97.55%. Similar modification made to a Web-server layer will contribute to 97.04% availability. This set of results imply that increasing the attack rate in Web Server layer has a more severe impact on system availability, as compared to the Database layer. Similar results have been gathered when predicting integrity of the system under identical set of modification. At system integrity of 96.88%, increasing host attack rate in Database layer has resulted in achieving integrity of 96.68%; similar experiment for Web server layer resulted in system integrity of 96.57%.