A Byzantine Fault Tolerance Model for a Multi-cloud Computing

Data security has become an important requirement for clients when dealing with clouds that may fail due to faults in the software or hardware, or attacks from malicious insiders. Hence, building a highly dependable and reliable cloud system has become a critical research problem. This paper presents BFT-MCDB (Byzantine Fault Tolerance Multi-Clouds Database), a practical model for building a system with Byzantine fault tolerance in a multi-cloud environment. The model relies on a novel approach that combines Byzantine Agreement protocols and Shamir's secret sharing approach to detect Byzantine failure in a multi-cloud computing environment as well as ensuring the security of the stored data within the cloud. Using qualitative analysis, we show that adopting the Byzantine Agreement protocols in the proposed BFT-MCDB model increases system reliability and enables gains in regard to the three security dimensions (data integrity, data confidentiality, and service availability). We also carry out experiments to determine the overheads of using the Agreement protocols.

[1]  Michael Dahlin,et al.  Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults , 2009, NSDI.

[2]  Barry W. Johnson Design & analysis of fault tolerant digital systems , 1988 .

[3]  Simson L. Garfinkel,et al.  An Evaluation of Amazon's Grid Computing Services: EC2, S3, and SQS , 2007 .

[4]  Mark Ryan,et al.  Cloud computing security: The scientific challenge, and a survey of solutions , 2013, J. Syst. Softw..

[5]  Leslie Lamport,et al.  Reaching Agreement in the Presence of Faults , 1980, JACM.

[6]  Ramakrishna Kotla,et al.  Zyzzyva , 2007, SOSP.

[7]  Eric Pardede,et al.  A new model to ensure security in cloud computing services , 2012, J. Serv. Sci. Res..

[8]  Eric Pardede,et al.  MCDB: Using Multi-clouds to Ensure Security in Cloud Computing , 2011, 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing.

[9]  Fred B. Schneider,et al.  Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.

[10]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[11]  Eric Pardede,et al.  A New approach using redundancy technique to improve security in cloud computing , 2012, Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec).

[12]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[13]  Simson L. Garfinkel,et al.  Email-Based Identification and Authentication: An Alternative to PKI? , 2003, IEEE Secur. Priv..

[14]  Petr Kuznetsov,et al.  BFTW3: why? when? where? workshop on the theory and practice of byzantine fault tolerance , 2010, SIGA.

[15]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[16]  Divyakant Agrawal,et al.  Database Management as a Service: Challenges and Opportunities , 2009, 2009 IEEE 25th International Conference on Data Engineering.

[17]  Robbert van Renesse,et al.  Toward a cloud computing research agenda , 2009, SIGA.

[18]  Eric Pardede,et al.  A Survey on Data Security Issues in Cloud Computing: From Single to Multi-Clouds , 2013, J. Softw..

[19]  Douglas R. Stinson,et al.  An explication of secret sharing schemes , 1992, Des. Codes Cryptogr..

[20]  Marko Vukolic,et al.  The byzantine empire in the intercloud , 2010, SIGA.

[21]  James A. Thom,et al.  Cloud Computing Security: From Single to Multi-clouds , 2012, 2012 45th Hawaii International Conference on System Sciences.

[22]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[23]  Eric Pardede,et al.  Using Multi Shares for Ensuring Privacy in Database-as-a-Service , 2011, 2011 44th Hawaii International Conference on System Sciences.