Fault Tolerance in Transaction Systems

We survey two schemes for fault tolerance for diierent fault models. The rst, primary-backup approach deals with disaster recovery. The second, is aimed at developing commit protocols that tolerate commission failures. A remote backup database system tracks the state of a primary system, taking over transaction processing when disaster hits the primary site. The primary and backup sites are physically isolated so that failures at one site are unlikely to propagate to other. For correctness, the execution schedule at the backup must be equivalent to that at the primary. When the primary and backup contain a single processor, it is relatively easy to achieve this property. However, this is harder to do when each site contains multiple processors and sites are connected via multiple communication lines. We will survey algorithms for maintaining backup copies that guarantee correctness and other important properties. Remote Backup systems are typically log-based and can be classiied into 2-safe and 1-safe, depending on whether transactions commit at both sites simultaneously or rst commit at the primary and are later propagated to the backup. We will study algorithms of both types. Often transactions involve sites that are untrusted, e.g., a home banking transaction. The objective is to develop a commit protocol that can tolerate both omission and commission failures of the untrusted sites, and omission failures of the trusted sites. We survey an algorithm which achieves this objective, without trying to resorting to Byzantine agreement protocol. This has advantages in terms of speed and complexity of the system.