摘要
普通的大数表决算法不能区分一致正确的响应和一致错误的响应,导致错误输出和没有输出的问题。针对入侵容忍系统中输出结果准确性不高的问题,提出了一种应用概率理论作为额外信息的基于概率的入侵容忍表决机制。该机制根据没有出错的服务器产生的响应结果和出错服务器产生响应结果的概率计算出每个响应结果出现的概率,并根据最大可能性原则找出出现概率最大的那个响应结果,这个响应结果就是正确的输出。分析结果表明,该机制比普通的大数表决输出的结果更为准确,提高了系统的输出准确性。采用了冗余技术和多样性技术,系统即使在遭受到恶意攻击的情况下仍能安全、可靠地运行。
Traditional majority voting algorithm can not distinguish the coherent right response and coherent wrong response, and there will be wrong and no output situation. Current intrusion tolerant systems have some limits on accuracy. To solve this problem, a novel intrusion tolerant architecture with voting mechanism based on probability strategy is proposed. The probability of voting mechanism is based on the application of probability theory as an additional information. The mechanism is based on the probability of no- error servers responsing to results and the error servers responsing to results to calculate the probability of every results. It is based on maxirnum- like- hood principle to find the greatest probability of results ,which is correct output. Analysis shows that the mechanism based on probability strategy can vote more aconite output than traditional majority voting algorithm, so a more accurate system output will be improved. Both diversity, redundancy intrusion tolerance technology are used to build Web server system with intrusion tolerance properties. This system can provide correct and reliable services for the system continually despite the existence of fault or intrusion.
出处
《计算机技术与发展》
2010年第3期136-139,共4页
Computer Technology and Development
基金
湖南省科技计划基金资助项目(2006JT1040)
关键词
入侵容忍
冗余
表决
概率理论
最大可能性原则
intrusion-tolerance
redundancy
voter
probability theory
maximum-likehood principle
