Paulo Sousa
In Sixth European Dependable Computing Conference (EDCC-6) Supplemental Volume. Coimbra, Portugal, pages 27-32, October 2006.
Building resilient intrusion-tolerant distributed systems is a
somewhat complex task. Recently, we have increased this
complexity by presenting a new dimension over which the resilience
of distributed systems may be evaluated: exhaustion-safety.
Exhaustion-safety means safety against resource exhaustion, and
its concrete semantics in a given system depends on the type of
resource being considered. We focus on replicas and on
guaranteeing that the typical assumption on the maximum number of
replica failures is never violated. An interesting finding of our
work is that it is impossible to build a replica-exhaustion-safe
distributed intrusion-tolerant system under the asynchronous
model.

This result motivated our research on finding the right model and
architecture to guarantee exhaustion-safety. The main outcome of
this research was proactive resilience - a new paradigm
and design methodology to build replica-exhaustion-safe
intrusion-tolerant distributed systems. Proactive resilience is
based on architectural hybridization: the system is asynchronous
for the most part and resorts to a synchronous subsystem to
periodically recover the replicas and remove the effects of
faults/attacks.

We envisage that proactive resilience can be applied in many
different scenarios, namely to secret sharing, and to state
machine replication. In the latter context, we present in this
paper a novel result that a minimum of 3f+2k+1 replicas are
required for tolerating f Byzantine faults and maintaining
availability, k being the maximum number of replicas that can be
recovered simultaneously through proactive resilience. Different recovery strategies
are analyzed in the light of this new result.
@InProceedings{sousa06proactiveresilience,
author = "Paulo Sousa",
title = "Proactive Resilience",
booktitle = "Sixth European Dependable Computing Conference (EDCC-6) Supplemental Volume",
year = "2006",
pages = "27-32",
month = oct
}