How to withstand mobile virus attacks (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
COCA: A secure distributed online certification authority
ACM Transactions on Computer Systems (TOCS)
Practical byzantine fault tolerance and proactive recovery
ACM Transactions on Computer Systems (TOCS)
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Low complexity Byzantine-resilient consensus
Distributed Computing
Worm-IT - A wormhole-based intrusion-tolerant group communication system
Journal of Systems and Software
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Attested append-only memory: making adversaries stick to their word
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Hypervisor-Based Efficient Proactive Recovery
SRDS '07 Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems
Hidden problems of asynchronous proactive recovery
HotDep'07 Proceedings of the 3rd workshop on on Hot Topics in System Dependability
Resilient Intrusion Tolerance through Proactive and Reactive Recovery
PRDC '07 Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing
Efficient state transfer for hypervisor-based proactive recovery
Proceedings of the 2nd workshop on Recent advances on intrusiton-tolerant systems
The FOREVER service for fault/intrusion removal
Proceedings of the 2nd workshop on Recent advances on intrusiton-tolerant systems
Performance comparison of middleware architectures for generating dynamic web content
Proceedings of the ACM/IFIP/USENIX 2003 International Conference on Middleware
Towards a generic group communication service
ODBASE'06/OTM'06 Proceedings of the 2006 Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, DOA, GADA, and ODBASE - Volume Part II
| Hi-index | 0.00 |
Hybrid wormhole-based architectures have recently been proposed as an approach for building intrusion-tolerant systems. The wormhole, a trusted entity in the system, can be implemented in software using virtualization technology. The architecture of such systems poses the question of distribution of functionality and interactions between three layers: the trusted wormhole, the untrusted part of the replication infrastructure, and the replicated application. For example, a total-ordering service for client requests that is needed for consistent replication can be implemented in the trusted or untrusted part of the infrastructure. In this paper, we discuss this distribution of functionality and the impact on semantics, interfaces, and functional constraints. Finally, we propose a flexible toolkit that eases the implementation and comparison of different architectures.