Small trusted primitives for dependable systems-Reference-Cited by-同舟云学术

Small trusted primitives for dependable systems

Published:2011-02-18 Issue:1 Volume:45 Page:126-141
ISSN:0163-5980
Container-title:ACM SIGOPS Operating Systems Review
language:en
Short-container-title:SIGOPS Oper. Syst. Rev.

Author:

Maniatis Petros¹,Chun Byung-Gon¹

Affiliation:

1. Intel Labs Berkeley

Abstract

Secure, fault-tolerant distributed systems are difficult to build, to validate, and to operate. Conservative design for such systems dictates that their security and fault tolerance depend on a very small number of assumptions taken on faith; such assumptions are typically called the "trusted computing base" (TCB) of a system. However, a rich trade-off exists between larger TCBs and more secure, more faulttolerant, or more efficient systems. In our recent work, we have explored this trade-off by defining "small," generic trusted primitives--for example, an attested, monotonically sequenced FIFO buffer of a few hundred machine words guaranteed to hold appended words until eviction and showing how such primitives can improve the performance, fault tolerance, and security of systems using them. In this article, we review our efforts in generating simple trusted primitives such as an attested circular buffer (called Attested Appendonly Memory), and an attested human activity detector. We describe the benefits of using these primitives to increase the fault-tolerance of replicated systems and archival storage, and to improve the security of email SPAM and click-fraud prevention systems. Finally, we share some lessons we have learned from this endeavor.

Publisher

Association for Computing Machinery (ACM)

Link

https://dl.acm.org/doi/pdf/10.1145/1945023.1945038

Reference91 articles.

1. Amazon S3. http://aws.amazon.com/s3/. Amazon S3. http://aws.amazon.com/s3/.

2. Click fraud rate rises to 14.1%. http://redmondmag.com/columns/print.asp?EditorialsID=1456. Click fraud rate rises to 14.1%. http://redmondmag.com/columns/print.asp?EditorialsID=1456.

3. Five percent of web traffic caused by ddos attacks. http://www.builderau.com.au/news/soa/Fivepercent-of-Web-traffic-caused-by-DDoSattacks/0 339028227 339287902 00.htm. Five percent of web traffic caused by ddos attacks. http://www.builderau.com.au/news/soa/Fivepercent-of-Web-traffic-caused-by-DDoSattacks/0 339028227 339287902 00.htm.

4. Gmail CAPTCHA cracked. http://securitylabs.websense.com/content/Blogs/2919.aspx. Gmail CAPTCHA cracked. http://securitylabs.websense.com/content/Blogs/2919.aspx.

5. Intel Active Management Technology (AMT). http://www.intel.com/technology/platformtechnology/intel-amt/index.htm. Intel Active Management Technology (AMT). http://www.intel.com/technology/platformtechnology/intel-amt/index.htm.