The increasing popularity of cloud storage services has led companies that handle critical data to think about using these services for their storage needs. Medical record databases, large biomedical datasets, historical information about power systems and financial data are some examples of critical data that could be moved to the cloud. However, the reliability and security of data stored in the cloud still remain major concerns. In this work we present DepSky, a system that improves the availability, integrity, and confidentiality of information stored in the cloud through the encryption, encoding, and replication of the data on diverse clouds that form a cloud-of-clouds. We deployed our system using four commercial clouds and used PlanetLab to run clients accessing the service from different countries. We observed that our protocols improved the perceived availability and, in most cases, the access latency, when compared with cloud providers individually. Moreover, the monetary cost of using DepSky in this scenario is at most twice the cost of using a single cloud, which is optimal and seems to be a reasonable cost, given the benefits.
Today, critical infrastructures like the power grid are essentially physical processes controlled by computers connected by networks. They are usually as vulnerable as any other interconnected computer system, but their failure has a high socio-economic impact. We describe a hierarchy of variations of a novel device for the protection of these infrastructures, the CIS. These devices are used to ensure that incoming/outgoing traffic satisfies the security policy of an infrastructure in the face of cyber-attacks. However, a CIS is not a common firewall but a distributed protection device based on a sophisticated access control model. Furthermore, a CIS is intrusion-tolerant and self-healing, seeking perpetual unattended correct operation. A key feature of the proposed architecture is that it does not require any modification of the SCADA/PCS software already in use today.
Previous works have studied how to use proactive recovery to build intrusion-tolerant replicated systems that are resilient to any number of faults, as long as recoveries are faster than an upper bound on fault production assumed at system deployment time. In this paper, we propose a complementary approach that combines proactive recovery with services that allow correct replicas to react and recover replicas that they detect or suspect to be compromised. One key feature of our proactive-reactive recovery approach is that, despite recoveries, it guarantees the availability of the minimum number of system replicas necessary to sustain the system's correct operation. We design a proactive-reactive recovery service based on a hybrid distributed system model and show, as a case study, how this service can effectively be used to augment the resilience of an intrusion-tolerant firewall adequate for the protection of critical infrastructures.
Abstract. Recently, we presented a theoretical Physical System Model (PSM), which introduced a new dimension over which distributed systems resilience may be evaluated: exhaustion-safety. We showed that it is theoretically impossible to have an exhaustion-safe f fault/intrusion-tolerant asynchronous system, even when enhanced with asynchronous proactive recovery. This paper proposes proactive resilience as a new and more resilient approach to proactive recovery based on architectural hybridization. We present the Proactive Resilience Model (PRM) and describe a design methodology under the PRM. This design methodology is formally proved to be a way of building exhaustion-safe systems, and we use it to derive an exhaustion-safe distributed f fault/intrusion-tolerant secret sharing system.