In a recent work, we have shown that it is not possible to dependably build any type of distributed f fault- or intrusion-tolerant system under the asynchronous model. This result follows from the fact that in an asynchronous environment one cannot guarantee that the system terminates its execution before more than the assumed number of faults has occurred.

Some systems resorted to proactive recovery as a way to address this problem, by attempting to ensure that no more than f faults ever occur: nodes are periodically rejuvenated to remove the effects of faults or malicious attacks. However, asynchronous systems with proactive recovery suffer from the same problem. In fact, proactive recovery protocols usually require stronger assumptions (e.g., synchrony, security) than the system that is proactively recovered.

To solve this contradiction, we work with a hybrid distributed system model. We propose proactive resilience as a new and more resilient approach to proactive recovery, based on architectural hybridization: proactive recovery functions are encapsulated in architectural devices that meet the required stronger assumptions and have a well-defined interface with the recovered system.

We present the Proactive Resilience Model (PRM) and describe a design methodology under the PRM. This methodology is a way of building systems that are guaranteed not to suffer more than the assumed number of faults, and we use it to derive a distributed intrusion-tolerant secret sharing system.