Designing Secure and Reliable Applications using Fragmentation-Redundancy-Scattering: An Object-Oriented Approach
نویسندگان
چکیده
Security and reliability issues in distributed systems have been investigated for several years at LAAS using a technique called Fragmentation-Redundancy-Scattering (FRS). The aim of FRS is to tolerate both accidental and intentional faults: the core idea consists in fragmenting confidential information in order to produce insignificant fragments and then in scattering the fragments so obtained in a redundant fashion across a distributed system, such as a large network of workstations and servers. Of these workstations, in principle just the user’s own workstation needs to be regarded as trusted, whereas from this user’s viewpoint the other workstations and servers, which in all probability are under someone else’s control, can be untrusted devices. This paper describes an object-oriented approach to the use of FRS, now under development at LAAS and Newcastle. This approach greatly eases the task of application programmers who seek to ensure reliable secure processing, as well as storage, of confidential information. The approach involves fragmenting a confidential object using its composition structure, i.e., in terms of a hierarchy of sub-objects (the "is-part-of" relation of the object model), each of course with its own subsidiary operations or “methods”. The fragmentation process continues until the resulting sub-objects are as far as possible such as to be individually non-confidential. Replicas of nonconfidential objects are then scattered among untrusted stations. By such means much of the processing of object methods, as well as the storing of much object state information, can be carried out safely on untrusted equipment.
منابع مشابه
A Fault-Tolerant Secure CORBA Store using Fragmentation-Redundancy-Scattering
This paper presents the design of a secure and fault-tolerant CORBA datastore based on the Fragmentation-Redundancy-Scattering (FRS) technique. This technique consists in fragmenting the con dential data and scattering the resulting fragments across several archives. The FRS-Datastore service interacts with the other CORBA services, in particular with the Persistence, Security and Trading servi...
متن کاملDeclarative Semantics in Object-Oriented Software Development - A Taxonomy and Survey
One of the modern paradigms to develop an application is object oriented analysis and design. In this paradigm, there are several objects and each object plays some specific roles in applications. In an application, we must distinguish between procedural semantics and declarative semantics for their implementation in a specific programming language. For the procedural semantics, we can write a ...
متن کاملNew mechanism for Cloud Computing Storage Security Fragmentation-redundancy-scattering as security mechanism for Data Cloud Computing
Cloud computing, often referred to as simply the cloud, appears as an emerging computing paradigm which promises to radically change the way computer applications and services are constructed, delivered, managed and finally guaranteed as dynamic computing environments for end users. The cloud is the delivery of on-demand computing resources everything from applications to data centers over the ...
متن کاملTransparency in Object-Oriented Grid Database Systems
The paper presents various transparency issues that have to be considered during development of object-oriented Grid applications based on virtual repositories. Higher-level transparencies, such as location, heterogeneity, fragmentation, replication, redundancy, indexing and service provider transparency assure new information processing culture greatly supporting the development, operation and...
متن کاملArchitecting Secure Software Systems Using an Aspect-Oriented Approach: : A Survey of Current Research
The importance of security in the development of complex software systems has increasingly become more critical as software becomes increasingly more pervasive in our everyday lives. Aspect-orientation has been proposed as a means to handle the crosscutting nature of security requirements when developing, designing and implementing security-critical applications. This paper surveys some of the ...
متن کامل