In many situations, fault tolerance must be provided not only in the presence of fail-stop faults, but also in the case of malicious misbehaviour. Recent research has produced several theoretically well-founded algorithms that are feasible in practice. Most of this work, however, focuses on single algorithms and pays little attention to adaptability to different quality-of-service (QoS) requirements or to the software development process as a whole. This thesis outline aims at making three major contributions. First, it specifies a modular architecture for malicious fault-tolerant consensus algorithms that provides a generic interface to upper layers, includes recovery mechanisms, and supports switching between different consensus strategies depending on QoS requirements. Second, it presents different abstractions for the application developer, analysing which abstraction best fits which developer requirements and how each can be realized using the low-level modules. Third, it discusses how the development process for malicious fault-tolerant applications may benefit from a generative approach, using a flexible, evolvable software generation and transformation process.