Eduardo Adílio Pelinson Alchieri

State Machine Replication for the Masses with BFT-SMART

The last fifteen years have seen an impressive amount of work on protocols for Byzantine fault-tolerant (BFT) state machine replication (SMR). However, there is still a need for practical and reliable software libraries implementing this technique. BFT-SMART is an open-source Java-based library implementing robust BFT state machine replication. Some of the key features of this library that distinguishes it from similar works (e.g., PBFT and UpRight) are improved reliability, modularity as a first-class property, multicore-awareness, reconfiguration support and a flexible programming interface. When compared to other SMR libraries, BFT-SMART achieves better performance and is able to withstand a number of real-world faults that previous implementations cannot.

DepSpace: a byzantine fault-tolerant coordination service

The tuple space coordination model is one of the most interesting coordination models for open distributed systems due to its space and time decoupling and its synchronization power. Several works have tried to improve the dependability of tuple spaces through the use of replication for fault tolerance and access control for security. However, many practical applications in the Internet require both fault tolerance and security. This paper describes the design and implementation of DepSpace, a Byzantine fault-tolerant coordination service that provides a tuple space abstraction. The service offered by DepSpace is secure, reliable and available as long as less than a third of service replicas are faulty. Moreover, the content-addressable confidentiality scheme developed for DepSpace bridges the gap between Byzantine fault-tolerant replication and confidentiality of replicated data and can be used in other systems that store critical data.

Byzantine Consensus with Unknown Participants

Consensus is a fundamental building block used to solve many practical problems that appear on reliable distributed systems. In spite of the fact that consensus is being widely studied in the context of classical networks, few studies have been conducted in order to solve it in the context of dynamic and self-organizing systems characterized by unknown networks. While in a classical network the set of participants is static and known, in a scenario of unknown networks, the set and number of participants are previously unknown. This work goes one step further and studies the problem of Byzantine Fault-Tolerant Consensus with Unknown Participants , namely BFT-CUP. This new problem aims at solving consensus in unknown networks with the additional requirement that participants in the system can behave maliciously. This paper presents a solution for BFT-CUP that does not require digital signatures. The algorithms are shown to be optimal in terms of synchrony and knowledge connectivity among participants in the system.

A Dependable Infrastructure for Cooperative Web Services Coordination

A current trend in the web services community is to define coordination mechanisms to execute collaborative tasks involving multiple organizations. Following this tendency, in this paper the authors present a dependable (i.e., intrusion-tolerant) infrastructure for cooperative web services coordination that is based on the tuple space coordination model. This infrastructure provides decoupled communication and implements several security mechanisms that allow dependable coordination even in presence of malicious components. This work also investigates the costs related to the use of this infrastructure and possible web service applications that can benefit from it.

Active Replication in CORBA: Standards, Protocols, and Implementation Framework

This paper presents a proposal for integrating in a single CORBA middleware platform two important OMG specifications: FT-CORBA, which provides fault-tolerance support for CORBA objects, and UMIOP, an unreliable multicast protocol devised for CORBA middleware. The integration model defines a middleware support which supplies the basis to a large spectrum of group communication properties for distributed objects. Our propositions create a framework for active replication that is implemented using only OMG standards. Algorithms for reliable and atomic multicasts needed for this replication technique are presented using theoretical concepts for expressing their main features. At last, our FT-CORBA and UMIOP integration is compared to related experiences described in the literature and other active replication protocols.

Evaluation of Distributed Denial of Service threat in the Internet of Things

There is a concern about possible threats deriving from the widespread adoption of IoT (Internet of Things). The number of devices connected to the Internet is going to increase dramatically, potentiating their security risks. A Distributed Denial of Service (DDoS) attack is a good candidate to explore IoT security vulnerabilities, because of the enormous number of new devices connected to the Internet there is also an increase in the number of possible compromised devices. This study aims to analyze the efficiency of a DDoS attack in a typical IoT environment, by using simulations that, in the best of our knowledge, have not been conducted yet.

Intrusion-Tolerant Shared Memory through a P2P Overlay Segmentation

This paper describes our experience in developing an infrastructure which allows building intrusion-tolerant shared memory for large-scale systems. The infrastructure makes use of a P2P overlay and of the concept of State Machine Replication (SMR). Segmentation is introduced on the overlay key space to allow the use of algorithms for SMR. In this paper we describe the proposed infrastructure in its stratification and corresponding algorithms. An analysis about the algorithms and their costs is also presented.

Architecture for Privacy in Cloud of Things.

A large number of devices are connected to the internet through the Internet of Things (IoT) paradigm, resulting in a huge amount of produced data. Cloud computing is a computing paradigm currently adopted to process, store and provide access control to these data. This integration is called Cloud of Things CoT and is useful in personal networks, like residential automation and health care, since it facilitates the access to the information. Although this integration brings benefits to the users, it introduces many security challenges since the information leaves the user control and is stored at the cloud providers. Particularly interesting, in order for these technologies to be adopted, it is important to provide protocols and mechanisms to preserve the users privacy when storing their data in the cloud. In this context, this paper proposes an architecture for privacy in Cloud of Things, which allows the users to fully control the access to the data generated by the devices of their IoT networks and stored in the cloud. The proposed architecture enables a fine grained control over data, since the privacy protocols and controls are executed at the IoT devices instead of at the network border by a gateway, which also could represent a single point of failure or a component that could impair the security properties of the system once it is compromised by a successful attack.

Reconfigurable Scalable State Machine Replication

Existing works on the scalability of State Machine Replication mostly rely on partitioning the application state in order to execute multiple requests simultaneously. These works either (i) do not allow for the system to grow dynamically, or (ii) do not support strong consistency for requests involving data in different partitions. In (i), the need for manual reconfiguration hinders the applicability of such systems to large scales. In (ii), the set of applications that can be built is severely limited. We propose a Reconfigurable Scalable State Machine Replication protocol without these limitations. We present and analyze the proposed algorithms.

Proactive Byzantine Quorum Systems

Byzantine Quorum Systems is a replication technique used to ensure availability and consistency of replicates data even in presence of arbitrary faults. This paper presents a Byzantine Quorum Systems protocol that provides atomic semantics despite the existence of Byzantine clients and servers. Moreover, this protocol is integrated with a protocol for proactive recovery of servers. In that way, the system tolerates any number of failures during its lifetime, since no more than f out of n servers fail during a small interval of time between recoveries. All solutions proposed in this paper can be used on asynchronous systems, which requires no time assumptions. The proposed quorum system read and write protocols have been implemented and their efficiency is demonstrated through some experiments carried out in the Emulab platform.