Full TitleRandomized Intrusion Tolerance for Asynchronous Systems
s society becomes more and more dependent on computer systems, attacks and intrusions perpetrated by malicious adversaries are important problems that need to be addressed in any IT infrastructure. Current experience, however, shows that it is extremely difficult to build completely secure applications. Security vulnerabilities can emerge due to different causes, such as ill-defined dependencies on third-party software components, bad programming habits, or obscure relations with the environment (e.g., network, input devices, OS). Statistics published by CERT show that these problems are not disappearing, as indicated by the exponential grow on the number of incidents reported during the last decade.
Consequently, prevention techniques per se will not enable us to attain the security goal, and intrusion tolerance strategies have to be employed in the construction of the applications.
In this project we want to develop a stack of protocols capable of tolerating intrusions. Distributed applications composed by a set of cooperating processes running on different nodes, can resort to these protocols for the implementation of interesting tasks. As a result, if applications are organized properly, they can continue to provide useful services even if a malicious adversary controls a number of the processes (and makes them fail in a Byzantine way) or attacks the network.
The types of networks considered in the project (LAN, WAN or Wireless) are particularly difficult to tackle because of their unpredictable timeliness (also called asynchronous systems). A well known result by Fischer et al indicates that consensus can not be deterministically solved in this setting if a single process is allowed to crash. Therefore, to be able to circumvent this result, we will use randomization techniques in the protocols.