Scalability, Accountability and Instant Information Access for Network- Centric Warfare

摘要

This project focused on one main problem: How to scale intrusion tolerant replication to wide area networks while considerably improving performance. During the last few years, there has been considerable progress in the design of intrusion-tolerant (Byzantine) replication systems. The state of the art before this project performed well on small scale systems that were usually confined to local area networks. The project developed the first hierarchical Byzantine replication architecture tailored to systems that span multiple wide area sites, each consisting of several replicas. The new architecture dramatically improves system performance (latency and throughput), availability, and manageability, for the price of extra hardware. Steward, a complete implementation of our architecture met and exceeded all performance goals and was able to withstand a white-box red team attack without being compromised even once. A side goal for the project was to look at the problem of malicious insider clients. Instead of compromising a system, malicious clients can just inject bad (but valid and authenticated) updates that corrupt information and propagate through the replicated system. By constructing an Accountability Graph between causally related updates, we demonstrate how enforcing accountability for client updates enables backtracking and state regeneration once corrupted data is discovered.