Cyber-Resilient Security Services

Authentication and authorization are two of the most crucial security services of IT infrastructures. Taking into account the current state of affairs of cyber warfare the security and dependability of such services has become a first class priority. The correct and continuous operation of identity providers (e.g. OpenID) and authentication authorization and accounting services (e.g. RADIUS) is essential for all sorts of IT systems and infrastructures. To met the requirements of future IT infrastructures we introduce functional architecture and system design artifacts for prototyping fault- and intrusion- tolerant identification and authentication services. We demonstrate the feasibility and application of the architecture through two different prototypes. Our findings indicate that building and deploying resilient and reliable critical services is an achievable goal by a set of system design artifacts based on well-established concepts in the fields of security and dependability.