As society becomes more and more dependent on computer systems, attacks and intrusions perpetrated by malicious adversaries are important problems that need to be addressed in any IT infrastructure. Current experience, however, shows that it is extremely difficult to build completely secure applications. Security vulnerabilities can emerge due to different causes, such as ill-defined dependencies on third-party software components, bad programming habits, or obscure relations with the environment (e.g., network, input devices, OS). Statistics published by CERT show that these problems are not disappearing, as indicated by the exponential grow on the number of incidents reported during the last decade.
Consequently, prevention techniques per se will not enable us to attain the security goal, and intrusion tolerance strategies have to be employed in the construction of the applications.
In this project we want to develop a stack of protocols capable of tolerating intrusions. Distributed applications composed by a set of cooperating processes running on different nodes, can resort to these protocols for the implementation of interesting tasks. As a result, if applications are organized properly, they can continue to provide useful services even if a malicious adversary controls a number of the processes (and makes them fail in a Byzantine way) or attacks the network.
The types of networks considered in the project (LAN, WAN or Wireless) are particularly difficult to tackle because of their unpredictable timeliness (also called asynchronous systems). A well known result by Fischer et al indicates that consensus can not be deterministically solved in this setting if a single process is allowed to crash. Therefore, to be able to circumvent this result, we will use randomization techniques in the protocols.
In this project we want to make contributions in the following three important areas:
-
In the first place, the project will design a new stack of randomized protocols for a set of fundamental tasks such as reliable broadcast, atomic total order broadcast, and different forms of consensus (binary, multi-value, and vector).
-
In the second place, the project will implement and evaluate the stack of protocols on a network of PCs. Throughout the years several protocols capable of tolerating Byzantine failures were proposed, however almost all of them were never implemented. As a key result of this project, we want to get a better understanding about the behavior of the developed protocols on a LAN or WAN setting.
-
In the third place, we want to experiment with the protocols on a mobile environment. Mobile hosts and wireless networks impose new challenges due to their specific characteristics, e.g., a smaller processing capacity or power limitations. To our knowledge, the project will make the first attempt to design and implement intrusion tolerant protocols for this type of systems.
Financing:
Project Name: RITAS - Tolerância a Intrusões em Sistemas Assíncronos Recorrendo à Aleatoriedade
Sponsoring Body : FCT (POSC/EIA/60334/2004)
União Europeia – Fundos Estruturais
Governo da
República Portuguesa