This advanced course addresses the security of computer and communication networks under the tolerance paradigm: how to prevent security failures even when malicious faults (vulnerabilities, attacks and intrusions) are allowed to be present. The skills acquired in the course form a body of knowledge complementary to the standard prevention approach, which traditionally requires difficult-to-attain levels of system robustness and intensive, costly human intervention. Figuratively, intrusion tolerance is the road to automatic security, much in the spirit of classic fault tolerance for accidental faults. Students will be able to master the fundamental concepts, paradigms and mechanisms of intrusion tolerance. They will be exposed to the most relevant examples of such mechanisms (e.g., Byzantine fault tolerance, automated recovery, secret sharing, fault-tolerant routing, diversity), and they will learn to look at several legacy systems and technologies from the intrusion tolerance perspective. Students will also be able to combine these notions with classical security notions in a complete design of secure computer systems. Students who master the subjects of this course are likely to gain a competitive edge over researchers or professionals with classical training in security, as intrusion tolerance is becoming a mainstream technique in computer systems security.
Prerequisites: Introduction to Computer Security (15213). Students are also expected to have at least introductory notions of computational systems and computer networks, and of operating systems and distributed systems.