Intrusion-tolerant Enclaves

Despite our best efforts, any sufficiently complex computer system has vulnerabilities. It is safe to assume that such vulnerabilities can be exploited by attackers who will be able to penetrate the system. Intrusion tolerance attempts to maintain acceptable service despite such intrusions. This paper presents an application of intrusion-tolerance concepts to Enclaves, a software infrastructure for supporting secure group applications. Intrusion tolerance is achieved via a combination of Byzantine fault-tolerant protocols and secret sharing techniques.

[1]  Hugo Krawczyk,et al.  Robust Threshold DSS Signatures , 1996, Inf. Comput..

[2]  Pradeep K. Khosla,et al.  Survivable Information Storage Systems , 2000, Computer.

[3]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[4]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[5]  Li Gong,et al.  Increasing Availability and Security of an Authentication Service , 1993, IEEE J. Sel. Areas Commun..

[6]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.

[7]  Danny Dolev,et al.  Ensemble Security , 1998 .

[8]  Yves Deswarte,et al.  Intrusion tolerance in distributed computing systems , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[9]  Gene Tsudik,et al.  CLIQUES: a new approach to group key agreement , 1998, Proceedings. 18th International Conference on Distributed Computing Systems (Cat. No.98CB36183).

[10]  Yves Deswarte,et al.  Intrusion-Tolerance Using Fine-Grain Fragmentation-Scattering , 1986, 1986 IEEE Symposium on Security and Privacy.

[11]  R. V. Renesse,et al.  Horus: a flexible group communication system , 1996, CACM.

[12]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[13]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1985, JACM.

[14]  Brian Randell,et al.  Designing Secure and Reliable Applications using Fragmentation-Redundancy-Scattering: An Object-Oriented Approach , 1994, EDCC.

[15]  Michael K. Reiter,et al.  The Rampart Toolkit for Building High-Integrity Services , 1994, Dagstuhl Seminar on Distributed Systems.

[16]  Li Gong,et al.  Enclaves: Enabling Secure Collaboration Over the Internet , 1996, IEEE J. Sel. Areas Commun..

[17]  Sam Toueg,et al.  Asynchronous consensus and broadcast protocols , 1985, JACM.

[18]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[19]  Yongdae Kim,et al.  Secure group communication in asynchronous networks with failures: integration and experiments , 2000, Proceedings 20th IEEE International Conference on Distributed Computing Systems.

[20]  Survivable information storage systems - Computer , 2000 .

[21]  Hassen Saïdi Intrusion-Tolerant Group Management in Enclaves , 2001, Security Protocols Workshop.

[22]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[23]  Yvo Desmedt,et al.  Shared Generation of Authenticators and Signatures (Extended Abstract) , 1991, CRYPTO.

[24]  Dan Boneh,et al.  Building intrusion tolerant applications , 1999, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[25]  Louise E. Moser,et al.  The SecureRing protocols for securing group communication , 1998, Proceedings of the Thirty-First Hawaii International Conference on System Sciences.

[26]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[27]  Seif Haridi,et al.  Distributed Algorithms , 1992, Lecture Notes in Computer Science.