A security architecture for fault-tolerant systems

Process groups are a common abstraction for fault-tolerant computing in distributed systems. We present a security architecture that extends the process group into a security abstraction. Integral parts of this architecture are services that securely and fault tolerantly support cryptographic key distribution. Using replication only when necessary, and introducing novel replication techniques when it was necessary, we have constructed these services both to be easily defensible against attack and to permit key distribution despite the transient unavailability of a substantial number of servers. We detail the design and implementation of these services and the secure process group abstraction they support. We also give preliminary performance figures for some common group operations.

[1]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[2]  Martín Abadi,et al.  Authentication in the Taos operating system , 1993, SOSP '93.

[3]  J.J. Tardo,et al.  SPX: global authentication using public key certificates , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[4]  Robbert van Renesse,et al.  Reliable Multicast between Micro-Kernels , 1992, USENIX Workshop on Microkernels and Other Kernel Architectures.

[5]  Michael K. Reiter,et al.  Integrating security in a group oriented distributed system , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[6]  Nancy A. Lynch,et al.  An Overview of Clock Synchronization , 1986, Fault-Tolerant Distributed Computing.

[7]  Fred B. Schneider,et al.  Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.

[8]  Gene Tsudik Message authentication with one-way hash functions , 1992, CCRV.

[9]  Kenneth P. Birman,et al.  Reliable communication in the presence of failures , 1987, TOCS.

[10]  Michael K. Reiter,et al.  Preventing denial and forgery of causal relationships in distributed systems , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[11]  B. Lampson,et al.  Authentication in distributed systems: theory and practice , 1991, TOCS.

[12]  Leslie Lamport,et al.  Time, clocks, and the ordering of events in a distributed system , 1978, CACM.

[13]  M. K. Belter,et al.  A secure group membership protocol , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[14]  B SchneiderFred Implementing fault-tolerant services using the state machine approach: a tutorial , 1990 .

[15]  Keith Marzullo,et al.  Tolerating failures of continuous-valued sensors , 1990, TOCS.

[16]  Sean W. Smith,et al.  Signed Vector Timestamps: A Secure Protocol for Partial Order Time , 1993 .

[17]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[18]  Kenneth P. Birman,et al.  Exploiting virtual synchrony in distributed systems , 1987, SOSP '87.

[19]  Li Gong,et al.  A security risk of depending on synchronized clocks , 1992, OPSR.

[20]  Gene Tsudik,et al.  Message authentication with one-way hash functions , 1992, [Proceedings] IEEE INFOCOM '92: The Conference on Computer Communications.

[21]  Yair Amir,et al.  Transis: A Communication Sub-system for High Availability , 1992 .

[22]  Virgil D. Gligor,et al.  On message integrity in cryptographic protocols , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[23]  André Schiper,et al.  Lightweight causal and atomic group multicast , 1991, TOCS.

[24]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[25]  Burton S. Kaliski The MD4 Message Digest Algorithm (Abstract) , 1990, EUROCRYPT.

[26]  Andrew S. Tanenbaum,et al.  Group communication in the Amoeba distributed operating system , 1991, [1991] Proceedings. 11th International Conference on Distributed Computing Systems.

[27]  Stephen T. Kent,et al.  Internet Privacy Enhanced Mail , 1993, CACM.

[28]  Kenneth P. Birman,et al.  The process group approach to reliable distributed computing , 1992, CACM.

[29]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[30]  Willy Zwaenepoel,et al.  Distributed process groups in the V Kernel , 1985, TOCS.

[31]  David L. Mills Network Time Protocol (version 2) specification and implementation , 1989, RFC.

[32]  Walter Tuchman,et al.  IV. `Hellman presents no shortcut solutions to the DES¿ , 1979, IEEE Spectrum.

[33]  Michael K. Reiter,et al.  How to securely replicate services , 1992, TOPL.

[34]  Maurice Herlihy,et al.  How to Make Replicated Data Secure , 1987, CRYPTO.

[35]  Martín Abadi,et al.  Authentication in the Taos operating system , 1994, TOCS.

[36]  M.E. Hellman,et al.  Privacy and authentication: An introduction to cryptography , 1979, Proceedings of the IEEE.

[37]  John B. Lacy CryptoLib: Cryptography in Software , 1993, USENIX Security Symposium.

[38]  Richard D. Schlichting,et al.  Preserving and using context information in interprocess communication , 1989, TOCS.

[39]  John M. Boone,et al.  INTEGRITY-ORIENTED CONTROL OBJECTIVES: PROPOSED REVISIONS TO THE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA (TCSEC), DoD 5200.28-STD , 1991 .

[40]  Yvo Desmedt,et al.  Shared Generation of Authenticators and Signatures (Extended Abstract) , 1991, CRYPTO.

[41]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[42]  Jeffrey I. Schiller,et al.  An Authentication Service for Open Network Systems. In , 1998 .

[43]  L. Gong,et al.  Using one-way functions for authentication , 1989, CCRV.

[44]  Li Gong,et al.  Increasing Availability and Security of an Authentication Service , 1993, IEEE J. Sel. Areas Commun..

[45]  Steven M. Bellovin,et al.  Limitations of the Kerberos authentication system , 1990, CCRV.

[46]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[47]  Ronald L. Rivest,et al.  The MD4 Message-Digest Algorithm , 1990, RFC.

[48]  Stephen T. Kent,et al.  Security Mechanisms in High-Level Network Protocols , 1983, CSUR.

[49]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.