How to Securely Replicate Services (Preliminary Version)

Abstract

A method is presented for constructing replicated services that retain their availability and integrity despite several servers and clients being corrupted by an intruder, in addition to others failing benignly. More precisely, a service is replicated by n servers in such a way that a correct client will accept a correct server's response if, for some prespecified parameter k, at least k servers are correct and fewer than k servers are corrupt. The issue of maintaining causality among client requests is also addressed. A security breach resulting from an intruder's ability to effect a violation of causality in the sequence of requests processed by the service is illustrated. An approach to counter this problem is proposed that requires that fewer than k servers are corrupt and, to ensure liveness, that k < n - 2t, where t is the assumed maximum total number of both corruptions and benign failures suffered by servers in any system run. An important and novel feature of these schemes is that the client need not be able to identify or authenticate even a single server. Instead, the client is required only to possess at most two public keys for the service.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 1992
Accession Number
ADA248300

Entities

People

  • Ken Birman
  • Michael Reiter

Organizations

  • Cornell University

Tags

Communities of Interest

  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Abstracts
  • Algorithms
  • Asynchronous Systems
  • Authentication
  • Availability
  • Computer Access Control
  • Computer Science
  • Consistency
  • Cryptography
  • Department Of Defense
  • Distributed Computing
  • Guarantees
  • New York
  • Security
  • Sequences
  • Specifications
  • Universities

Fields of Study

  • Computer science

Readers

  • Computational Modeling and Simulation
  • Cybersecurity.
  • Mathematical Modeling and Probability Theory.