Service and Protocol Architecture for the MAFTIA Middleware

This document describes the specification of the MAFTIA middleware architecture. The specification focuses on the models, building blocks and services. It describes the trade-offs made in terms of models, the choice of building blocks and their topology, and the portfolio of services to be offered by the MAFTIA middleware to applications and high-level services. In particular, regarding the system model, it presents a detailed discussion of the fault, synchrony, topological and group models that guided the overall architecture. The architecture is divided into two main levels: the site part, which connects to the network and handles all inter-host operations, and the participant part, which takes care of all distributed activities and relies on the services provided by the site-part components.
