A Secure Group Membership Protocol

A group membership protocol enables processes in a distributed system to agree on a group of processes that are currently operational. Membership protocols are a core component of many distributed systems and have proved to be fundamental for maintaining availability and consistency in distributed applications. We present a membership protocol for asynchronous distributed systems that tolerates the malicious corruption of group members. Our protocol ensures that correct members control and consistently observe changes to the group membership, provided that in each instance of the group membership, fewer than one-third of the members are corrupted or fail benignly. The protocol has many potential applications in secure systems and, in particular, is a central component of a toolkit for constructing secure and fault-tolerant distributed services that we have implemented.
