Publication
On the Resilience of Intrusion-Tolerant Distributed Systems
| Abstract: | The paper starts by introducing a new dimension along which distributed systems resilience may be evaluated - exhaustion-safety. A node-exhaustion-safe intrusion-tolerant distributed system is a system that assuredly does not suffer more than the assumed number of node failures (e.g., crash, Byzantine). We show that it is not possible to build this kind of system under the asynchronous model. This result follows from the fact that in an asynchronous environment one cannot guarantee that the system terminates its execution before the occurrence of more than the assumed number of faults. After introducing exhaustion-safety, the paper proposes a new paradigm - proactive resilience - to build intrusion-tolerant distributed systems. Proactive resilience is based on architectural hybridization and hybrid distributed system modeling. The Proactive Resilience Model (PRM) is presented and shown to be a way of building node-exhaustion-safe intrusion-tolerant systems. Finally, the paper describes the design of a secret sharing system built according to the PRM. A proof-of-concept prototype of this system is shown to be highly resilient under different attack scenarios. |
|---|---|
| Main authors: | Neves, Nuno Ferreira |
| Other authors: | Veríssimo, Paulo; Sousa, Paulo; Lopes, Antónia |
| Subject: | Intrusion Tolerance; Timing Assumptions; Proactive Recovery; Wormholes; Secret Sharing |
| Year: | 2006 |
| Country: | Portugal |
| Document type: | report |
| Access type: | open access |
| Associated institution: | Universidade de Lisboa |
| Language: | Portuguese |
| Source: | Repositório da Universidade de Lisboa |
| _version_ | 1865920804103913472 |
|---|---|
| datacite.date.Accepted.fl_str_mv | 2006-09-01T00:00:00Z |
| datacite.date.available.fl_str_mv | 2009-02-10T13:11:51Z |
| datacite.date.embargoed.fl_str_mv | 2009-02-10T13:11:51Z |
| datacite.rights.fl_str_mv | http://purl.org/coar/access_right/c_abf2 |
| dc.format.none.fl_str_mv | application/pdf |
| dc.identifier.none.fl_str_mv | http://hdl.handle.net/10451/14075 |
| dc.language.none.fl_str_mv | por |
| dc.publisher.none.fl_str_mv | Department of Informatics, University of Lisbon |
| dc.type.none.fl_str_mv | http://purl.org/coar/resource_type/c_93fc |
| dirty | 0 |
| eu_rights_str_mv | openAccess |
| format | report |
| fulltext.url.fl_str_mv | https://repositorio.ulisboa.pt/bitstreams/d3e4ef82-a7f4-420c-8220-20e997ec52e8/download |
| id | ul_6d24a090d37c19ed25a4ec8c32a10bca |
| oai_identifier_str | oai:repositorio.ulisboa.pt:10451/14075 |