The Starfish System: Intrusion Detection and Intrusion Tolerance for Middleware Systems Kim Potter Kihlstrom Westmont College Santa Barbara, CA, USA Priya.

Presentation transcript:

The Starfish System: Intrusion Detection and Intrusion Tolerance for Middleware Systems Kim Potter Kihlstrom Westmont College Santa Barbara, CA, USA Priya Narasimhan Carnegie Mellon University Pittsburgh, PA, USA

The Starfish System, Kihlstrom and Narasimhan

Motivation
- Previous work
  - SecureRing [ACM TISSEC 2001]
  - Eternal [TAPOS 1998]
  - Immune [ICDCS 1999]
  - Byzantine fault detectors [Computer Journal 2003]
- Insights and lessons learned
  - Cost of survivability
  - Replication of objects
  - Input and output majority voting
  - Guarantees of underlying multicast protocol
  - Detection and removal of faulty processors/replicas

Immune: Looking Back
- Interception
- Replication
- Majority voting
- Secure multicast protocols

Immune: Looking Ahead
- Issues left open
  - Scalability
    - Increasing number of objects
    - Increasing number of processors
    - Local area to wide area
  - Bandwidth
  - Survivability of Immune itself
  - Voting
  - Other middleware systems besides CORBA
- Led to development of Starfish

Starfish Goals
- Intrusion detection and intrusion tolerance for middleware applications
- Not specific to any middleware system
- Infrastructural support for majority voting
- End-to-end intrusion detection
- Applicable to local and wide area systems
- Currently under development

Starfish Organization

Starfish Philosophy
- Central core
  - Highly secure
  - Tightly coupled
- Arms
  - Less tightly coupled
  - Less stringent security guarantees
  - Can be removed in event of security compromise
  - New arms can be grown

Starfish Structure

System Model
- Assumptions
  - Distributed object system
  - Asynchronous
  - Determinism
- Faults
  - Communication
  - Processor
  - Object

Support for Voting
- Objects are replicated
- Replica consistency in event of malicious processor and object replica faults
- Object group abstraction

Support for Voting
- Voting in a dynamic environment
- Knowledge of how many votes constitute a majority
- Voter must know the number of replicas in the originating object group
- Hierarchical membership structure
- Object groups and voting groups

Support for Voting

End-to-End Intrusion Detection
- Removal of faulty replica from object group and all voting groups
- To remove a faulty replica, all replicas in object group must receive evidence of value fault
- Special Value_Fault_Vote message
- Value fault detector
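
The two slides above (a voter must know the originating group's size; a value fault yields a Value_Fault_Vote) can be sketched as follows. This is an added example, not code from the Starfish project: the Voter class, the fields of the Value_Fault_Vote record and the replica names are assumptions made for illustration.

```python
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class Voter:
    """Majority voter for one invocation or response from a replicated object group."""
    group: frozenset                      # current members of the originating object group
    votes: dict = field(default_factory=dict)

    def majority(self):
        # The threshold depends on the group size, so it moves with membership.
        return len(self.group) // 2 + 1

    def receive(self, replica, value):
        # Count one vote per member; non-members and repeat votes are ignored.
        if replica in self.group and replica not in self.votes:
            self.votes[replica] = value
        return self.decide()

    def decide(self):
        if not self.votes:
            return None
        value, count = Counter(self.votes.values()).most_common(1)[0]
        return value if count >= self.majority() else None

    def value_fault_votes(self):
        # Evidence for every replica whose copy differs from the decided value.
        # Field names are hypothetical; the slides only name the message type.
        decided = self.decide()
        if decided is None:
            return []
        return [{"type": "Value_Fault_Vote", "suspect": r, "sent": v, "majority": decided}
                for r, v in sorted(self.votes.items()) if v != decided]

    def remove(self, replica):
        # Membership change: drop the replica and its vote, shrinking the threshold.
        self.group = self.group - {replica}
        self.votes.pop(replica, None)
        return self.decide()


def demo():
    # Constructed sample: five replicas, r3 returns a corrupted value.
    v = Voter(frozenset({"r1", "r2", "r3", "r4", "r5"}))
    for replica, value in [("r1", b"42"), ("r3", b"666"), ("r2", b"42")]:
        assert v.receive(replica, value) is None   # 2 of 5 matching is not a majority
    decided = v.receive("r4", b"42")               # third matching copy reaches 3 of 5
    return decided, v.value_fault_votes()


if __name__ == "__main__":
    print(demo())
```

The same two matching votes that are undecided in a group of five become a majority once the group shrinks to three, which is why the voter has to track membership of the originating group.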

End-to-End Intrusion Detection


End-to-End Intrusion Detection
- Removal of processor hosting faulty replica from system
- Byzantine fault detector
- To remove the processor, all processors must vote locally on the same set of votes
- Special base group
- Problem with cascading: fault must be handled first at the object level

Survivability in Starfish

| Classification | Fault | Mechanism |
|---|---|---|
| Communication | Message loss | Reliable delivery mechanisms; message retransmission |
| Communication | Message corruption | Message digest; message retransmission |
| Processor | Processor crash | Processor, object, and voting group membership |
| Processor | Failure to receive | Processor, object, and voting group membership |
| Processor | Malicious processor | Byzantine fault detector |
| Object | Replica crash | Object and voting group membership |
| Object | Send omission | Majority voting on invocations and responses |
| Object | Value fault | Value fault detector |

Conclusions
- Development underway
- Prior experience in building systems
  - SecureRing
  - Eternal
  - Immune
- Take insights and lessons in building next generation survivable object system: Starfish

Starfish
- Intrusion detection and intrusion tolerance for middleware applications
- Not specific to any middleware system
- Infrastructural support for majority voting
- End-to-end intrusion detection
- Applicable to local and wide area systems

Questions and Feedback
- Kim Potter Kihlstrom
- Priya Narasimhan