The architecture of a secure group communication system based on intrusion tolerance

This paper presents the architecture of a secure group communication system with the fortress model of trust, where the participants of the group equally trust one another. It considers that only a small part of the system, a component called the Trusted Timely Computing Base, has to be entirely trusted. All other components can be corrupted. The overall system will tolerate a certain number of faults of its components and remain behaving correctly.

[1]  Robbert van Renesse,et al.  Building adaptive systems using ensemble , 1998 .

[2]  P. Verissimo,et al.  How to build a timely computing base using real-time Linux , 2000, 2000 IEEE International Workshop on Factory Communication Systems. Proceedings (Cat. No.00TH8531).

[3]  Miguel Correia,et al.  The Middleware Architecture of MAFTIA: A Blueprint , 2000 .

[4]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[5]  Michael K. Reiter,et al.  Secure and scalable replication in Phalanx , 1998, Proceedings Seventeenth IEEE Symposium on Reliable Distributed Systems (Cat. No.98CB36281).

[6]  Yongdae Kim,et al.  Secure group communication in asynchronous networks with failures: integration and experiments , 2000, Proceedings 20th IEEE International Conference on Distributed Computing Systems.

[7]  J. van Leeuwen,et al.  Information Security , 2003, Lecture Notes in Computer Science.

[8]  Clark Thomborson,et al.  Manufacturing cheap, resilient, and stealthy opaque constructs , 1998, POPL '98.

[9]  Yves Deswarte,et al.  Intrusion tolerance in distributed computing systems , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[10]  Antonio Casimiro,et al.  The timely computing base: Timely actions in the presence of uncertain timeliness , 2000, Proceeding International Conference on Dependable Systems and Networks. DSN 2000.

[11]  Michael Schatz,et al.  A Real-Time Intrusion Detection System Based on Learning Program Behavior , 2000, Recent Advances in Intrusion Detection.

[12]  Robbert van Renesse,et al.  Building Adaptive Systems Using Ensemble , 1998, Softw. Pract. Exp..

[13]  Richard Lippmann,et al.  Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation , 2000, Recent Advances in Intrusion Detection.

[14]  Birgit Pfitzmann,et al.  MAFTIA: Reference Model and Use Cases , 2000 .

[15]  Danny Dolev,et al.  Ensemble Security , 1998 .

[16]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[17]  Fritz Hohl,et al.  Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts , 1998, Mobile Agents and Security.

[18]  Robbert van Renesse,et al.  A security architecture for fault-tolerant systems , 1994, TOCS.