David Arsenault

Learn More
— It is well-understood that increasing redundancy in a system generally improves the availability and dependability of the system. In server clusters, one important form of redundancy is spare servers. Cluster security, while universally recognized as an important subject in its own right, has not often been associated with the issue of redundancy. In(More)
The formidable difficulty in securing systems stems in large part from the increasing complexity of the systems we build but also the degree to which we now depend on information systems. Complex systems cannot be fully verified under all possible conditions. Self-Cleansing Intrusion Tolerance (SCIT) servers go through periodic cleaning. SCIT can be used to(More)
 Despite the increased focus on security, critical information systems remain vulnerable to cyber attacks. The problem stems in large part from the constant innovation and evolution of attack techniques. The trend lends importance to the concept of intrusion tolerance: a critical system must fend off or at least limit the damage caused by unknown and/or(More)
— Despite the increased focus on security, critical information systems remain vulnerable to cyber attacks. The trend lends importance to the concept of intrusion tolerance: there is a high probability that systems will be successfully attacked and a critical system must fend off or at least limit the damage caused by unknown and/or undetected attacks. In(More)
—Domain Name Systems (DNS) provide the mapping between easily remembered host names and their IP addresses. While domain name information is typically created and updated off-line, dynamic DNS updates allow clients to manage domain names online, in real time. The current secure DNS standards (DNSSEC) require private keys to be kept online to sign dynamic(More)
Domain Name Systems (DNS) provide the mapping between easily-remembered host names and their IP addresses. Popular DNS implementations however contain vulnerabilities that are exploited by frequent, targeted attacks. The software vulnerabilities of DNS together with the constant innovation and morphing of cyber attack techniques necessitate the(More)
  • 1