Applications of Byzantine agreement in database systems
ACM Transactions on Database Systems (TODS)
Implementing fault-tolerant services using the state machine approach: a tutorial
ACM Computing Surveys (CSUR)
The generalized tree quorum protocol: an efficient approach for managing replicated data
ACM Transactions on Database Systems (TODS)
Secure agreement protocols: reliable and atomic group multicast in rampart
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
The Totem single-ring ordering and membership protocol
ACM Transactions on Computer Systems (TOCS)
Impossibility of distributed consensus with one faulty process
Journal of the ACM (JACM)
An adaptive data replication algorithm
ACM Transactions on Database Systems (TODS)
Multiview access protocols for large-scale replication
ACM Transactions on Database Systems (TODS)
The Totem multiple-ring ordering and topology maintenance protocol
ACM Transactions on Computer Systems (TOCS)
Designing Masking Fault-Tolerance via Nonmasking Fault-Tolerance
IEEE Transactions on Software Engineering
Principles of distributed database systems (2nd ed.)
Principles of distributed database systems (2nd ed.)
Practical Byzantine fault tolerance
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Byzantine-resistant total ordering algorithms
Information and Computation
Survivability performance analysis of rerouting strategies in an ATM/VP DCS survivable mesh network
ACM SIGCOMM Computer Communication Review
Fundamentals of fault-tolerant distributed computing in asynchronous environments
ACM Computing Surveys (CSUR)
The Weak Byzantine Generals Problem
Journal of the ACM (JACM)
Survivability—a new technical and business perspective on security
Proceedings of the 1999 workshop on New security paradigms
A high-throughput secure reliable multicast protocol
Journal of Computer Security
Policies for using replica groups and their effectiveness over the Internet
COMM '00 Proceedings of NGC 2000 on Networked group communication
The Byzantine Generals Problem
ACM Transactions on Programming Languages and Systems (TOPLAS)
A new approach to developing and implementing eager database replication protocols
ACM Transactions on Database Systems (TODS)
Intrusion confinement by isolation in information systems
Journal of Computer Security - Special issue on database security
Survivability analysis of networked systems
ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
A framework for constructing features and models for intrusion detection systems
ACM Transactions on Information and System Security (TISSEC)
The SecureRing group communication system
ACM Transactions on Information and System Security (TISSEC)
Fault Detection for Byzantine Quorum Systems
IEEE Transactions on Parallel and Distributed Systems
Distributed Algorithms
MSWiM '02 Proceedings of the 5th ACM international workshop on Modeling analysis and simulation of wireless and mobile systems
An Architecture for Survivable Coordination in Large Distributed Systems
IEEE Transactions on Knowledge and Data Engineering
Recovery from Malicious Transactions
IEEE Transactions on Knowledge and Data Engineering
Architectures for Intrusion Tolerant Database Systems
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
PODC '83 Proceedings of the second annual ACM symposium on Principles of distributed computing
Secure and Scalable Replication in Phalanx
SRDS '98 Proceedings of the The 17th IEEE Symposium on Reliable Distributed Systems
Strong Replica Consistency for Fault-Tolerant CORBA Applications
WORDS '01 Proceedings of the Sixth International Workshop on Object-Oriented Real-Time Dependable Systems (WORDS'01)
From Total Order to Database Replication
ICDCS '02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS'02)
Multi-Phase Damage Confinement in Database Systems for Intrusion Tolerance
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Processing Transactions over Optimistic Atomic Broadcast Protocols
ICDCS '99 Proceedings of the 19th IEEE International Conference on Distributed Computing Systems
Multi-Version Attack Recovery for Workflow Systems
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Self-Healing Workflow Systems under Attacks
ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
Distributed Computing
Self-securing storage: protecting data in compromised system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
| Hi-index | 0.00 |
It is important for critical applications to provide critical services without any integrity or availability degradation in the presence of intrusions. This requirement can be satisfied by intrusion masking techniques under some situations. Compared with intrusion tolerance techniques, where some integrity or availability degradations are usually caused, intrusion masking techniques use substantial replications to avoid such degradations. Existing intrusion masking techniques, such as the state machine approach, can effectively mask intrusions when processing requests from a client using a server replica group, but they are fairly limited in processing a (multi-stage) distributed operation across multiple server replica groups. As more and more applications (e.g., supply chain management, distributed banking) need to process distributed operations in an intrusion-masking fashion, it is in urgent need to overcome the limitations of existing intrusion masking techniques. In this paper, we specify and compose two intrusion-masking models for inter-replica-group distributed computing. Using these two models, a variety of applications can mask (numerous kinds of) intrusions. Our intrusion masking models overcome the limitations of existing intrusion masking techniques. The survivability of our intrusion-masking models is quantitatively analyzed. A simple yet practical implementation method of our intrusion-masking models is proposed and applied to build two intrusion-masking two-phase-commit (2PC) protocols, and the corresponding efficiency is analyzed. The two intrusion-masking 2PC protocols and the analysis results show that the proposed intrusion-masking models have good utility, practicality, and survivability. Finally, the composition methodology developed in this paper can also be used to develop other intrusion-masking distributed computing models.