Modeling and Verification of Leaders Agreement in the Intrusion-Tolerant Enclaves Using PVS
Abstract
Enclaves is a group-oriented intrusion-tolerant protocol. Intrusion-tolerant protocols are cryptographic protocols that implement fault-tolerance techniques to achieve security despite possible intrusions in some parts of the system. Among the most tedious faults to handle in security are the so-called Byzantine faults, where insiders maliciously exhibit arbitrary (possibly dishonest) behavior during executions of the protocol. This class of faults poses formidable challenges to current verification techniques, and protocols tolerating it have been formally verified only in simplified forms and under restricted fault assumptions. In this paper we present our work on the formal verification of the Byzantine fault-tolerant Enclaves [1] protocol. We use PVS to formally specify and prove Proper Byzantine Agreement, Agreement Termination and Integrity.
Similar sources
Formal Specification and Verification of the Intrusion-Tolerant Enclaves Protocol
We demonstrate the application of formal methods to the verification of intrusion-tolerant agreement protocols that have a distributed leadership and can tolerate Byzantine faults. As an interesting case study, the Enclaves group-membership protocol has been verified using two techniques: model checking and theorem proving. We use the model checker Murphi to prove the correctness of authenticati...

On the Correctness of an Intrusion-Tolerant Group Communication Protocol
Intrusion-tolerance is the technique of using fault-tolerance to achieve security properties. Assuming that faults, both benign and Byzantine, are unavoidable, the main goal of Intrusion-tolerance is to preserve an acceptable, though possibly degraded, service of the overall system despite intrusions at some of its sub-parts. In this paper, we present a correctness proof of the Intrusion-tolera...
Intrusion-Tolerant Enclaves
Despite our best efforts, any sufficiently complex computer system has vulnerabilities. It is safe to assume that such vulnerabilities can be exploited by attackers who will be able to penetrate the system. Intrusion tolerance attempts to maintain acceptable service despite such intrusions. This paper presents an application of intrusion-tolerance concepts to Enclaves, a software infrastructure ...

Modeling SITAR System Security
Recent strategies to protect system security lay emphasis on designing intrusion-tolerant systems that are able to tolerate intrusions using techniques such as redundancy, diversity, reconfiguration and graceful degradation. These systems are expected to not only detect and tolerate attacks, but also repair, or rejuvenate themselves so as to remove any damage caused by an intrusion. Several res...