RITAS: Services for Randomized Intrusion Tolerance

Randomized agreement protocols have been around for more than two decades. Often assumed to be inefficient due to their high expected communication and computation complexities, they have remained overlooked by the community at large as a valid solution for the deployment of fault-tolerant distributed systems. This paper aims to demonstrate that randomization can be a very competitive approach even in hostile environments where arbitrary faults can occur. A stack of randomized intrusion-tolerant protocols is described and its performance evaluated under several settings in both local-area-network (LAN) and wide-area-network environments. The stack provides a set of relevant services ranging from basic communication primitives up to atomic broadcast. The experimental evaluation shows that the protocols are efficient, especially in LAN environments where no performance reduction is observed under certain Byzantine faults.
