Intrusion Tolerance - Security's Next Big Thing?
An anonymous reader writes "DARPA's OASIS program consists of more than 20 research projects in intrusion-tolerant systems. The basic idea is to concede that systems will be penetrated by malware and hackers, but to keep operating anyway. Other projects take a wide variety of technical approaches to providing intrusion tolerance. MIT's Automatic Trust Management uses models of trust to choose from a variety of ways to achieve system goals; Duke/MCNC's SITAR (Scalable Intrusion Tolerant Architecture) adapts tricks from fault-tolerant systems and distributes decision-making; BBN-Illinois-Maryland-Boeing's ITUA employs unpredictable adaptation. Shutting down the military while waging war is not an option, but the idea of continuing to operate critical defense systems even after known penetration by hostile hackers or damaging worms will take some getting used to."
It is sad to get old[er], but this has got to be the absolute dumbest thing I've _ever_ seen. No, really.
... for HOW MANY hours? Tolerant that I don't break your knee-caps with the baseball bat I'm holding. It'll cost HOW MUCH to clean this mess up? Tolerant that there will *always* be somebody smarter than you out there and perhaps you just met him or her. Now learn from your mistakes and GET BACK TO WORK. *THAT* would be tolerance.
An intrusion detection type system should, well, PULL THE PLUG on the offended box. PERIOD. Oh, no, let's keep it working as much as we can until I get my lazy ass around to fixing it? Meanwhile it's still dumping how many millions of spam out to the Internet? Or ping bombing the hell out of who? Or just stealing my data enough to not panic my bandwidth button, but getting it nonetheless. Oh, but I can print. Yeah...
Insane computing 101
You want tolerance? Ok. I'll be tolerant and not fire your ass for letting our system get compromised
But I have NONE for letting a compromised system remain, well, compromised.