{"id":1149,"date":"2016-01-01T10:39:09","date_gmt":"2016-01-01T12:39:09","guid":{"rendered":"https:\/\/webhomserverphp82.asav.org.br\/softwarelab\/?p=1149"},"modified":"2019-09-05T11:37:36","modified_gmt":"2019-09-05T14:37:36","slug":"a-cyber-resilient-architecture-for-critical-security-services","status":"publish","type":"post","link":"https:\/\/unisinos.br\/softwarelab\/pt\/a-cyber-resilient-architecture-for-critical-security-services\/","title":{"rendered":"A cyber-resilient architecture for critical security services"},"content":{"rendered":"<div id=\"abs0005\">\n<p id=\"sp0115\">Authentication and authorization are two of the most important services for any IT infrastructure. Taking into account the current state of affairs of cyber warfare, the security and dependability of such services are a first-class priority. For instance, the correct and continuous operation of identity providers (e.g., OpenID) and authentication, authorization and accounting services (e.g., RADIUS) is essential for all sorts of systems and infrastructures. 
As a step in this direction, we introduce a functional architecture and system design artifacts for prototyping fault- and intrusion-tolerant identification and authentication services. The feasibility and applicability of the proposed elements are evaluated through two distinct prototypes. Our findings indicate that building and deploying resilient and reliable critical services is an achievable goal through a set of system design artifacts based on well-established concepts in the fields of security and dependability. Additionally, we provide an extensive evaluation of both resilient RADIUS (R-RADIUS) and OpenID (R-OpenID) prototypes. We show that our solution makes services resilient against attacks without affecting their correct operation. Our results also indicate that the prototypes are capable of meeting the needs of small to large-scale systems (e.g., IT infrastructures with 800k to 10M users).<\/p>\n<p><a href=\"https:\/\/www.sciencedirect.com\/science\/article\/pii\/S1084804516000539\">Journal of Network and Computer Applications<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Authentication and authorization are two of the most important services for any IT infrastructure. Taking into account the current state of affairs of cyber warfare, the security and dependability of such services are a first-class priority. 
For instance, the correct and continuous operation of identity providers (e.g., OpenID) and authentication, authorization and accounting services [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":192,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[54,27,25],"tags":[],"class_list":["post-1149","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-publicacoes-2","category-publicacoes-rodrigo-da-rosa-righi","category-rodrigo-da-rosa-righi"],"_links":{"self":[{"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/posts\/1149","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/comments?post=1149"}],"version-history":[{"count":1,"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/posts\/1149\/revisions"}],"predecessor-version":[{"id":1150,"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/posts\/1149\/revisions\/1150"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/media\/192"}],"wp:attachment":[{"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/media?parent=1149"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/categories?post=1149"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unisinos.br\/softwarelab\/wp-json\/wp\/v2\/tags?post=1149"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}