| The growing reliance on online service accessible on the Interact demandshighly-availiable systems that provide correct service without interruptions. These days, thefailured model assumed on highly-availiable system concentrates on benigh faults, such asserver crash, fail-stop, eavesdrop, or tamper. The malicious attacks, such as software bugs,operater errors, private key lost, and so on, are seldom considered. The faults caused bymalicious attacks are called Byzantine faults. Byzantine faults are the major cause of serviceinterruptions.The purpose of this dissertation is to study the theorem, method and technology of howto build a practical Byzantine fault tolerant system on the Internet, and exploit the approachto implement Byzantine fault tolerance by applying the replication and cryptographytechnique. The dissertation finishes following work:(1) Constructs a group membership protocol: it is a replication protocol onasynchronous system. Under the assumption that fewer than 1/3 of the replicas becomefaulty, the protocol can change the group view when a member join or leave the system, so itcan always promise a correct group to provide the service to application. By using theproactive signature sharing scheme, the protocol can ensure that the client can get the correctcurrent group view, when the group view changes, even if the adversary can control enoughfault members during several views. Mearnwhile the dissertation constructs a secureproactive signature sharing algorithms on RSA.(2) Use I/O state machine to prove the correctness of the group membetship: By usingthe invariants and imination techiniques, the correct of the group protocol can be provedformally, while the group membership protocol is proved by cases before.(3) Describe a Byzantine agreement protocol with message authentication codes in afixed group to provide highly-reliable service to application and give the method to ensurestate agreement during view changes. MACs are based on symmetric cryptography and theycan be computed three orders of magnitude faster than signature, and it is the Byzantineagreement protocol to provide service to application. Therefore, the Byzantine fault tolerantsystem is secure and practical.(4) Construct a model of group membership and agreement protocol to evaluate theperformance the system. By designing the message formats used in the protocols, the latencymodel is established according the protocol algorithms, the performance of the system canbe computed by the latency model. (5) Design and Implement a Byzantine fault tolerant LDAP system (BFTLDAP). It isused to build a Byzantine fault tolerant Grid system. The BFTLDAP system is 29.53ï¼…fastto 18.09ï¼…slow while compares to the normal LDAP with SASL signature. So, our faultsystem can not only highly-availavle but also be practical.
|
PDF Full Text Request