Abstract:
Web services which allow the interoperability and communication of heterogeneous systems in the Web through Internet protocols, are also subject to attacks a well as dest...Show MoreMetadata
Abstract:
Web services which allow the interoperability and communication of heterogeneous systems in the Web through Internet protocols, are also subject to attacks a well as destructive as sophisticated. Contrariwise, very few solutions exist to ensure the availability of Web services in the presence of these attacks. In order to tackle these issues, we propose a comprehensive and complete attack-tolerance methodology whose characteristics are: i) upstream detection of attacks before their propagation, ii) a failover system to mitigate the effects of the attack and, iii) an active reconfiguration process to mitigate attacks that are not easy or impossible to detect by monitoring. Our approach will leverage and explore, in particular, monitoring, diversity and software engineering techniques for devising a fine-grained attack-tolerance system. We conducted preliminary experiments with an e-health Web service, which is a simplified version of a case study of the European project CLARUS.
Date of Conference: 25-30 June 2017
Date Added to IEEE Xplore: 14 September 2017
ISBN Information:
Electronic ISSN: 2474-2473