QoIA Management Project

Overview

This project will build a QoIA-aware attack resistant database system framework, call Linba. The trustworthiness of a computing system in delivering valid services in face of attacks has become a more critical concern than ever as people are experiencing increased cyber security threats. A Quality of Information Assurance (QoIA) service is a service associated with a specific level of trustworthiness. From the viewpoint of end users, the goal of trusted computing is to enable people to get the QoIA services that they have subscribed for even in face of attacks. However, (most) existing trusted systems cannot deliver QoIA services since they have very limited  ability in providing (sustained) quantitative trustworthiness guarantees.

The objective of this research is to build a new trusted computing infrastructure that is able to continue delivering QoIA services in face of attacks and cost constraints. Based on a novel formal (service) trustworthiness model, Linba delivers multilevel, differential, quantitative QoIA services through near optimal neuro-fuzzy composite QoIA adaptations where Linba intelligently adapts itself to environment changes and  QoIA-cost tradeoffs are done in an optimized way. Successful development of Linba will arm existing trusted database systems with the ability to deliver QoIA services (in a cost-effective way) and provide very valuable hints on developing a variety of other types of trusted computing systems that can deliver QoIA services. The cost-effectiveness of Linba will be evaluated through simulation or prototyping. 

Papers

  1. H. Wang, P. Liu, L. Li, Evaluating the Impact of Intrusion Detection Deficiencies on the Cost-Effectiveness of Attack Recovery, Proceedings of the 7th Information Security Conference (Lecture Notes in Computer Science), September 2004.
  2. M. Yu, P. Liu, W. Zang, Dependency Relation based Attack Recovery of Workflow Systems, Submitted for review to ACM Trans. on Information and Systems Security, 2004
  3. M. Yu, P. Liu, W. Zang, The Design, Implementation and Evaluation of a Self-Healing Workflow System Prototype, To be submitted for journal publication.
  4. M. Yu, P. Liu, W. Zang, Self Healing Workflow Systems under Attacks, Proc. 24th IEEE International Conference on Distributed Computing Systems (ICDCS’04),  Tokyo, Japan, March 2004, pages 418-425.
  5. M. Yu, P. Liu, W. Zang, Specifying and Using Group-to-Group Communication Services for Intrusion Masking, Journal of Computer Security, accepted, to appear
  6. P. Liu, J. Jing, P. Luenam, Y. Wang, L. Li, S. Ingsriswang, The Design and Implementation of a Self-Healing Database System, Journal of Intelligent Information Systems, Vol. 23, No. 3, 247-269, 2004
  7. M. Yu, P. Liu, W. Zang, Multi-Version Data Objects Based Attack Recovery of Workflows, Proc. 2003 Annual Computer Applications Security Conference (ACSAC'03).
  8. P. Liu, S. Jajodia, Multiphase Damage Containment in Self-Healing Database System, Submitted for review to IEEE Trans. on Knowledge and Data Engineering, 2003
  9. J. Zhang, P. Liu,  Delivering Services with Integrity Guarantees in Survivable Database Systems, Proc. 17th Annual IFIP WG 11.3 Working Conference on Database and Applications Security, Colorado, August 2003
  10. P. Liu, Architectures for Intrusion Tolerant Database Systems, Proc. 2002 Annual Computer Security Applications Conference, Dec 2002, pages 311-320
  11. P. Luenam, P. Liu, The Design of an Adaptive Intrusion Tolerant Database System, Proc. IEEE Workshop on Intrusion Tolerant Systems, 2002. 

People

  • Peng Liu, Pramote Luenam, Meng Yu, Hai Wang, Jianyong Zhang, Vinod Ramin

Acknowledgement

This project is supported by NSF CCR-0233324