Malicious- and Accidental-Fault Tolerance for Internet Applications

This document briefly describes three prototypes, each corresponding to a subset of the MAFTIA middleware architecture. Together, these prototypes represent the most important components of the architecture and constitute Deliverable D25, "Running Lab Prototype of MAFTIA Middleware". The code distribution of the prototypes is available for review and includes more extensive documentation. The first prototype consists of an implementation of the Trusted Timely Computing Base (TTCB) on a real-time Linux kernel, together with two secure reliable multicast protocols that explore the services provided by the TTCB. The second prototype implements the Communication Support (CS) layer of the architecture and supplies a number of protocols, including binary and multi-value agreement and atomic broadcast. The third prototype represents an Activity Support (AS) module and offers a transactional support service. It implements a number of protocols and activities that facilitate the creation of resource and transaction managers.
