Preventing denial and forgery of causal relationships in distributed systems

In a distributed system, it is often important to detect the causal relationships between events, where event e/sub 1/ is causally before event e/sub 2/ if e/sub 1/ happened before e/sub 2/ and could possibly have affected the occurrence of e/sub 2/. The authors argue that detecting causal relationships among events can be important for security, in the sense that it may be essential to the correct implementation of a security policy that a process be able to determine if two events are causally related, and if so, how. They formulate attacks on causality in terms of causal denial and forgery, formalize possible security goals with respect to causality, and present simple algorithms to attain these goals in some situations.<<ETX>>

[1]  Stephen T. Kent,et al.  Security Mechanisms in High-Level Network Protocols , 1983, CSUR.

[2]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[3]  Leslie Lamport,et al.  Time, clocks, and the ordering of events in a distributed system , 1978, CACM.

[4]  Martín Abadi,et al.  A semantics for a logic of authentication (extended abstract) , 1991, PODC '91.

[5]  Richard D. Schlichting,et al.  Preserving and using context information in interprocess communication , 1989, TOCS.

[6]  Liuba Shrira,et al.  Providing high availability using lazy replication , 1992, TOCS.

[7]  Michael K. Reiter,et al.  Integrating security in a group oriented distributed system , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[8]  Maurice Herlihy,et al.  Linearizability: a correctness condition for concurrent objects , 1990, TOPL.

[9]  Kenneth P. Birman,et al.  Design Alternatives for Process Group Membership and Multicast , 1991 .

[10]  D SchlichtingRichard,et al.  Preserving and using context information in interprocess communication , 1989 .

[11]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[12]  André Schiper,et al.  Lightweight causal and atomic group multicast , 1991, TOCS.

[13]  Michael K. Reiter,et al.  How to securely replicate services , 1992, TOPL.

[14]  Sean W. Smith,et al.  Signed Vector Timestamps: A Secure Protocol for Partial Order Time , 1993 .

[15]  Kenneth P. Birman,et al.  Using process groups to implement failure detection in asynchronous environments , 1991, PODC '91.

[16]  Kenneth P. Birman,et al.  Reliable communication in the presence of failures , 1987, TOCS.

[17]  Ronald L. Rivest,et al.  The MD4 Message-Digest Algorithm , 1990, RFC.

[18]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[19]  Fred B. Schneider,et al.  Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.

[20]  D SchroederMichael,et al.  Using encryption for authentication in large networks of computers , 1978 .

[21]  B SchneiderFred Implementing fault-tolerant services using the state machine approach: a tutorial , 1990 .

[22]  Mark R. Tuttle,et al.  A Semantics for a Logic of Authentication , 1991, PODC 1991.