Stabilization, Safety, and Security of Distributed Systems

Consensus algorithms allow a set of nodes to reach an agreement on a quantity of interest. For instance, a consensus algorithm may be used to allow a network of sensors to determine the average value of samples collected by the different sensors. Similarly, a consensus algorithm can also be used by the nodes to synchronize their clocks. Research on consensus algorithms has a long history, with contributions from different research communities, including distributed computing, control systems, and social science. In this talk, we will discuss two resilient consensus algorithms that can perform correctly despite the following two types of adversities: (i) In wireless networks, transmissions are subject to transmission errors, resulting in packet losses. We will discuss how “average consensus” can be achieved over such lossy links, without explicitly making the links reliable, for instance, via retransmissions. (ii) In a distributed setting, some of the nodes in the network may fail or may be compromised. We will discuss a consensus algorithm that can tolerate “Byzantine” failures in partially connected networks. Low-Congestion Distributed Algorithms

[1]  Nancy A. Lynch,et al.  Distributed computation in dynamic networks , 2010, STOC '10.

[2]  Beng Chin Ooi,et al.  Supporting multi-dimensional range queries in peer-to-peer systems , 2005, Fifth IEEE International Conference on Peer-to-Peer Computing (P2P'05).

[3]  Ying Zhang,et al.  Cloud calculus: Security verification in elastic cloud computing platform , 2012, 2012 International Conference on Collaboration Technologies and Systems (CTS).

[4]  Igor V. Kotenko,et al.  Verification of security policy filtering rules by Model Checking , 2011, Proceedings of the 6th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems.

[5]  Yoram Moses,et al.  Coordinated consensus in dynamic networks , 2011, PODC '11.

[6]  Cédric Tedeschi,et al.  Peer-to-Peer Prefix Tree for Large Scale Service Discovery , 2008 .

[7]  Mohamed G. Gouda,et al.  Verification of Distributed Firewalls , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.

[8]  Reihaneh Safavi-Naini,et al.  Comparing and debugging firewall rule tables , 2007, IET Inf. Secur..

[9]  Chen-Nee Chuah,et al.  FIREMAN: a toolkit for firewall modeling and analysis , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[10]  Fabian Kuhn,et al.  Gradient Clock Synchronization in Dynamic Networks , 2009, SPAA '09.

[11]  John Spinelli Self-stabilizing sliding window ARQ protocols , 1997, TNET.

[12]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[13]  Márk Jelasity,et al.  Gossip-based aggregation in large dynamic networks , 2005, TOCS.

[14]  Luca Cardelli,et al.  Mobile Ambients , 1998, FoSSaCS.

[15]  Alan Jeffrey,et al.  Model Checking Firewall Policy Configurations , 2009, 2009 IEEE International Symposium on Policies for Distributed Systems and Networks.

[16]  Ehab Al-Shaer,et al.  Network configuration in a box: towards end-to-end verification of network reachability and security , 2009, 2009 17th IEEE International Conference on Network Protocols.

[17]  Sofiène Tahar,et al.  Modeling and verification of firewall configurations using domain restriction method , 2011, 2011 International Conference for Internet Technology and Secured Transactions.

[18]  Naohisa Takahashi,et al.  Verifying Consistency between Security Policy and Firewall Policy by Using a Constraint Satisfaction Problem Server , 2012 .

[19]  Armin Biere,et al.  Bounded model checking , 2003, Adv. Comput..

[20]  Michele Bugliesi,et al.  Communication and mobility control in boxed ambients , 2005, Inf. Comput..

[21]  Adel Bouhoula,et al.  Automatic Conformance Verification of Distributed Firewalls to Security Requirements , 2010, 2010 IEEE Second International Conference on Social Computing.

[22]  Hrishikesh B. Acharya,et al.  Firewall verification and redundancy checking are equivalent , 2011, 2011 Proceedings IEEE INFOCOM.