Linearizability: a correctness condition for concurrent objects
ACM Transactions on Programming Languages and Systems (TOPLAS)
Implementing fault-tolerant services using the state machine approach: a tutorial
ACM Computing Surveys (CSUR)
New Hybrid Fault Models for Asynchronous Approximate Agreement
IEEE Transactions on Computers
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
Flexible update propagation for weakly consistent replication
Proceedings of the sixteenth ACM symposium on Operating systems principles
ACM Transactions on Computer Systems (TOCS)
Practical Byzantine fault tolerance
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
The Byzantine Generals Problem
ACM Transactions on Programming Languages and Systems (TOPLAS)
Time, clocks, and the ordering of events in a distributed system
Communications of the ACM
BASE: using abstraction to improve fault tolerance
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Practical byzantine fault tolerance and proactive recovery
ACM Transactions on Computer Systems (TOCS)
An Architecture for Survivable Coordination in Large Distributed Systems
IEEE Transactions on Knowledge and Data Engineering
Reaching Approximate Agreement with Mixed-Mode Faults
IEEE Transactions on Parallel and Distributed Systems
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Secure History Preservation Through Timeline Entanglement
Proceedings of the 11th USENIX Security Symposium
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Separating agreement from execution for byzantine fault tolerant services
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
The IBM PCIXCC: a new cryptographic coprocessor for the IBM eServer
IBM Journal of Research and Development
Ivy: a read/write peer-to-peer file system
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
BAR fault tolerance for cooperative services
Proceedings of the twentieth ACM symposium on Operating systems principles
Fault-scalable Byzantine fault-tolerant services
Proceedings of the twentieth ACM symposium on Operating systems principles
Singularity: rethinking the software stack
ACM SIGOPS Operating Systems Review - Systems work at Microsoft Research
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
vTPM: virtualizing the trusted platform module
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Strong accountability for network storage
FAST '07 Proceedings of the 5th USENIX conference on File and Storage Technologies
lmbench: portable tools for performance analysis
ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
Sealing OS processes to improve dependability and safety
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
Zyzzyva: speculative byzantine fault tolerance
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
PeerReview: practical accountability for distributed systems
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
HQ replication: a hybrid quorum protocol for byzantine fault tolerance
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Beyond one-third faulty replicas in byzantine fault tolerant systems
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
PeerReview: practical accountability for distributed systems
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Distributed computing in SOSP and OSDI
ACM SIGACT News
Diverse replication for single-machine Byzantine-fault tolerance
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
MobiRate: making mobile raters stick to their word
UbiComp '08 Proceedings of the 10th international conference on Ubiquitous computing
Tiered fault tolerance for long-term integrity
FAST '09 Proccedings of the 7th conference on File and storage technologies
Reducing the costs of large-scale BFT replication
LADIS '08 Proceedings of the 2nd Workshop on Large-Scale Distributed Systems and Middleware
ACM SIGACT News
TrInc: small trusted hardware for large distributed systems
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Zeno: eventually consistent Byzantine-fault tolerance
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Functional decomposition and interactions in hybrid intrusion-tolerant systems
Proceedings of the 3rd International DiscCoTec Workshop on Middleware-Application Interaction
Zyzzyva: Speculative Byzantine fault tolerance
ACM Transactions on Computer Systems (TOCS)
Enhanced Fault-Tolerance through Byzantine Failure Detection
OPODIS '09 Proceedings of the 13th International Conference on Principles of Distributed Systems
Proceedings of the 5th European conference on Computer systems
Asynchronous Byzantine consensus with 2f+1 processes
Proceedings of the 2010 ACM Symposium on Applied Computing
Cumulative attestation kernels for embedded systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Scalable byzantine computation
ACM SIGACT News
Consistability: describing usually consistent systems
HotDep'08 Proceedings of the Fourth conference on Hot topics in system dependability
Augmented smartphone applications through clone cloud execution
HotOS'09 Proceedings of the 12th conference on Hot topics in operating systems
Prophecy: using history for high-throughput fault tolerance
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
Mencius: building efficient replicated state machines for WANs
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Efficient data structures for tamper-evident logging
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Venus: verification for untrusted cloud storage
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Towards flexible and secure distributed aggregation
AIMS'10 Proceedings of the Mechanisms for autonomous management of networks and services, and 4th international conference on Autonomous infrastructure, management and security
Fast asynchronous consensus with optimal resilience
DISC'10 Proceedings of the 24th international conference on Distributed computing
Depot: cloud storage with minimal trust
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
SPORC: group collaboration using untrusted cloud resources
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Small trusted primitives for dependable systems
ACM SIGOPS Operating Systems Review
Integrity and consistency for untrusted services
SOFSEM'11 Proceedings of the 37th international conference on Current trends in theory and practice of computer science
Increasing performance in byzantine fault-tolerant systems with on-demand replica consistency
Proceedings of the sixth conference on Computer systems
Enabling security in cloud storage SLAs with CloudProof
USENIXATC'11 Proceedings of the 2011 USENIX conference on USENIX annual technical conference
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Depot: Cloud Storage with Minimal Trust
ACM Transactions on Computer Systems (TOCS)
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
SIAM Journal on Computing
Commensal cuckoo: secure group partitioning for large-scale services
ACM SIGOPS Operating Systems Review
CheapBFT: resource-efficient byzantine fault tolerance
Proceedings of the 7th ACM european conference on Computer Systems
Sensor tricorder: what does that sensor know about me?
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
On the (limited) power of non-equivocation
PODC '12 Proceedings of the 2012 ACM symposium on Principles of distributed computing
On the price of equivocation in byzantine agreement
PODC '12 Proceedings of the 2012 ACM symposium on Principles of distributed computing
Pasture: secure offline data access using commodity trusted hardware
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Multi-user dynamic proofs of data possession using trusted hardware
Proceedings of the third ACM conference on Data and application security and privacy
Iwazaru: the byzantine sequencer
ARCS'13 Proceedings of the 26th international conference on Architecture of Computing Systems
Verifying cloud services: present and future
ACM SIGOPS Operating Systems Review
Authenticated storage using small trusted hardware
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Scalable and leaderless Byzantine consensus in cloud computing environments
Information Systems Frontiers
| Hi-index | 0.00 |
Researchers have made great strides in improving the fault tolerance of both centralized and replicated systems against arbitrary (Byzantine) faults. However, there are hard limits to how much can be done with entirely untrusted components; for example, replicated state machines cannot tolerate more than a third of their replica population being Byzantine. In this paper, we investigate how minimal trusted abstractions can push through these hard limits in practical ways. We propose Attested Append-Only Memory (A2M), a trusted system facility that is small, easy to implement and easy to verify formally. A2M provides the programming abstraction of a trusted log, which leads to protocol designs immune to equivocation -- the ability of a faulty host to lie in different ways to different clients or servers -- which is a common source of Byzantine headaches. Using A2M, we improve upon the state of the art in Byzantine-fault tolerant replicated state machines, producing A2M-enabled protocols (variants of Castro and Liskov's PBFT) that remain correct (linearizable) and keep making progress (live) even when half the replicas are faulty, in contrast to the previous upper bound. We also present an A2M-enabled single-server shared storage protocol that guarantees linearizability despite server faults. We implement A2M and our protocols, evaluate them experimentally through micro- and macro-benchmarks, and argue that the improved fault tolerance is cost-effective for a broad range of uses, opening up new avenues for practical, more reliable services.