A security architecture for fault-tolerant systems

1 November 1994

journal article
Published by Association for Computing Machinery (ACM) in ACM Transactions on Computer Systems

Vol. 12 (4) , 340-371
https://doi.org/10.1145/195792.195823

Abstract

Process groups are a common abstraction for fault-tolerant computing in distributed systems. We present a security architecture that extends the process group into a security abstraction. Integral parts of this architecture are services that securely and fault tolerantly support cryptographic key distribution. Using replication only when necessary, and introducing novel replication techniques when it was necessary, we have constructed these services both to be easily defensible against attack and to permit key distribution despite the transient unavailability of a substantial number of servers. We detail the design and implementation of these services and the secure process group abstraction they support. We also give preliminary performance figures for some common group operations.

Keywords

This publication has 22 references indexed in Scilit:

How to securely replicate services
ACM Transactions on Programming Languages and Systems, 1994
Authentication in distributed systems
ACM Transactions on Computer Systems, 1992
Lightweight causal and atomic group multicast
ACM Transactions on Computer Systems, 1991
Implementing fault-tolerant services using the state machine approach: a tutorial
ACM Computing Surveys, 1990
Using one-way functions for authentication
ACM SIGCOMM Computer Communication Review, 1989
Probabilistic clock synchronization
Distributed Computing, 1989
Preserving and using context information in interprocess communication
ACM Transactions on Computer Systems, 1989
Reliable communication in the presence of failures
ACM Transactions on Computer Systems, 1987
Distributed process groups in the V Kernel
ACM Transactions on Computer Systems, 1985
Security Mechanisms in High-Level Network Protocols
ACM Computing Surveys, 1983