Malicious-and Accidental-Fault Tolerance for Internet Applications
IST Research Project IST-1999-11583
1 January 2000 - 28 February 2003

Check out a summary of the project, or browse through the original project proposal.

MAFTIA involved experts from 5 countries and 6 organisations. The Industrial Advisory Board provided valuable feedback on the work of the project.

Research was organised into six workpackages.

Find out more about the key scientific results and achievements, and the benefits of this research collaboration.




Final Workshop
Held at Newcastle University, 18-19 February, 2003.



Deliverables
All the MAFTIA deliverables in one place.



Publications
A list of MAFTIA-related papers published by members of the project.



http://www.research.ec.org/dsos/index.html

http://www.research.ec.org/cabernet/

Objectives

The main objective of MAFTIA is to investigate the tolerance paradigm in security.

Instead of just aiming at making attacks necessarily unsuccessful, we make the assumption that attacks can happen, and some of them can be locally successful. But the overall system should nevertheless remain secure and operational, even if some subsystems are successfully attacked.

We believe that many concepts from fault tolerance can be applied to the construction of secure systems. These include:

  • error containment, detection and recovery as a means of countering the effect of attacks;
  • error compensation as a means of overcoming the inaccuracy; and
  • possible long latency of intrusion detection.

Constructing secure systems using these principles will achieve better dependability with less complex solutions, compared to a standard avoidance approach. Reduced complexity will not only reduce costs, it will also result in systems that are more trustworthy to their users.

Thus, we will investigate the tolerance paradigm systematically and then propose an integrated architecture and realise a concrete design that can be used to support the dependability of many applications.

We have identified three broad categories of operational goals that will enable us to achieve the project objectives. They are described in the next subsections:

  1. Goals related to the architecture of MAFTIA
  2. Goals related to the design of mechanisms and protocols
  3. Goals related to verification and assessment