Design and Implementation of a Byzantine Fault Tolerance Framework for Web Services

Many Web services are expected to run with high degree of security and dependability. To achieve this goal, it is essential to use a Web services compatible framework that tolerates not only crash faults, but Byzantine faults as well, due to the untrusted communication environment in which the Web services operate. In this paper, we describe the design and implementation of such a framework, called BFT-WS. BFT-WS is designed to operate on top of the standard SOAP messaging framework for maximum interoperability. It is implemented as a pluggable module within the Axis2 architecture, as such, it requires minimum changes to the Web applications. The core fault tolerance mechanisms used in BFT-WS are based on the well-known Castro and Liskov’s BFT algorithm for optimal efficiency. Our performance measurements confirm that BFT-WS incurs only moderate runtime overhead considering the complexity of the mechanisms

A variable node optimization model for byzantine fault tolerant systems

“Byzantine Fault Tolerance (BFT) has been a major subject of study over the last two decades with increasing societal dependance on secure, correct, and reliable computer systems and online services. This research presents a model for high-level optimization of emerging systems that rely on these BFT algorithms and use a variable numbers of decision nodes. The model highlights the relationship between the security of a system and its efficiency. Two experiments were performed to determine system performance by varying the number of compromised nodes, decision nodes, and total nodes. They examine the probability that a transaction will be compromised based on these variables using hypergeometric distribution, a subset of combinatorics. It was found that the compromise probability follows predictable patterns, with certain combinations of decision nodes performing better than others. The results show a trichotomous relationship where one in every three decision nodes results in lower security risk than its neighbors. The purpose of this model is to assist system developers in deciding how to best construct their systems to improve security while minimizing resource usage”--Abstract, page iii

An energy saving smart pedestrian lighting system with IoT

A large quantity of electricity in many countries is consumed towards lighting up the streets. Most of the basic street lighting systems are switched ON/OFF at regular intervals of time. In this thesis, a system is proposed to develop an energy saving pedestrian light control system to reduce energy consumption. This is done by having an automatic system that detects human presence near the pedestrian path. Consequently, this system may save a large amount of electrical power as well as increase the lamp's lifetime and reduce pollution. The system works by keeping lamps on an off state at all night, except a few which will serve as guide lamps. When someone approaching the pedestrian path, an IR sensor sends a message to a microcontroller to turn the lamps ON. An Arduino microcontroller has been used as a controller for the project in addition to other components used for this system such as IR sensor, a current sensor, LDR sensor, RF wireless module, and ESP8266 module. In order to monitor the system at anytime and anywhere, the system is connected to the IoT cloud via Thingsboard using a WiFi network connection. The proposed system has been observed to reduce power consumption by 40-45 percent compared to conventional system

Extended Fault Taxonomy of SOA-Based Systems

Service Oriented Architecture (SOA) is considered as a standard for enterprise software development. The main characteristics of SOA are dynamic discovery and composition of software services in a heterogeneous environment. These properties pose newer challenges in fault management of SOA-based systems (SBS). A proper understanding of different faults in an SBS is very necessary for effective fault handling. A comprehensive three-fold fault taxonomy is presented here that covers distributed, SOA specific and non-functional faults in a holistic manner. A comprehensive fault taxonomy is a key starting point for providing techniques and methods for accessing the quality of a given system. In this paper, an attempt has been made to outline several SBSs faults into a well-structured taxonomy that may assist developers to plan suitable fault repairing strategies. Some commonly emphasized fault recovery strategies are also discussed. Some challenges that may occur during fault handling of SBSs are also mentioned

A Light Weight Fault Tolerance Framework for Web Services

The increased usage of web services by many of the corporate industries to exchange their critical information over World Wide Web has directly impacted the need for high availability of web services. So in this work of ours we designed and developed a light weight fault tolerance framework for web services, by strictly biding ourselves to the design specifications of web services. We developed our framework by extending the open source implementation of Web services reliable messaging specifications. Our framework provides fault tolerance capability using the replication strategy, and can easily be reverted back to basic point to point reliable message specifications implementation dynamically upon availability of resources. We used a customized consensus solving algorithm to achieve and maintain consistency among the replicated systems. The message patterns that are used to exchange the data are very much bided to the message specifications of web services. Our framework does not use any proprietary protocols for transmission of messages over the network. We also carefully tuned our framework for enhanced performance by techniques like batching, and proved from our performance results that our framework is optimal and has very less run time overhea

A Light Weight Fault Tolerance Framework for Web Services

The increased usage of web services by many of the corporate industries to exchange their critical information over World Wide Web has directly impacted the need for high availability of web services. So in this work of ours we designed and developed a light weight fault tolerance framework for web services, by strictly biding ourselves to the design specifications of web services. We developed our framework by extending the open source implementation of Web services reliable messaging specifications. Our framework provides fault tolerance capability using the replication strategy, and can easily be reverted back to basic point to point reliable message specifications implementation dynamically upon availability of resources. We used a customized consensus solving algorithm to achieve and maintain consistency among the replicated systems. The message patterns that are used to exchange the data are very much bided to the message specifications of web services. Our framework does not use any proprietary protocols for transmission of messages over the network. We also carefully tuned our framework for enhanced performance by techniques like batching, and proved from our performance results that our framework is optimal and has very less run time overhea

Improving reliability of service oriented systems with consideration of cost and time constraints in clouds

Web service technology is more and more popular for the implementation of service oriented systems. Additionally, cloud computing platforms, as an efficient and available environment, can provide the computing, networking and storage resources in order to decrease the budget of companies to deploy and manage their systems. Therefore, more service oriented systems are migrated and deployed in clouds. However, these applications need to be improved in terms of reliability, for certain components have low reliability. Fault tolerance approaches can improve software reliability. However, more redundant units are required, which increases the cost and the execution time of the entire system. Therefore, a migration and deployment framework with fault tolerance approaches with the consideration of global constraints in terms of cost and execution time may be needed. This work proposes a migration and deployment framework to guide the designers of service oriented systems in order to improve the reliability under global constraints in clouds. A multilevel redundancy allocation model is adopted for the framework to assign redundant units to the structure of systems with fault tolerance approaches. An improved genetic algorithm is utilised for the generation of the migration plan that takes the execution time of systems and the cost constraints into consideration. Fault tolerant approaches (such as NVP, RB and Parallel) can be integrated into the framework so as to improve the reliability of the components at the bottom level. Additionally, a new encoding mechanism based on linked lists is proposed to improve the performance of the genetic algorithm in order to reduce the movement of redundant units in the model. The experiments compare the performance of encoding mechanisms and the model integrated with different fault tolerance approaches. The empirical studies show that the proposed framework, with a multilevel redundancy allocation model integrated with the fault tolerance approaches, can generate migration plans for service oriented systems in clouds with the consideration of cost and execution time

Design and Implementation of a Byzantine Fault Tolerance Framework for Web Services

Many Web services are expected to run with high degree of security and dependability. To achieve this goal, it is essential to use a Web services compatible framework that tolerates not only crash faults, but Byzantine faults as well, due to the untrusted communication environment in which the Web services operate. In this paper, we describe the design and implementation of such a framework, called BFT-WS. BFT-WS is designed to operate on top of the standard SOAP messaging framework for maximum interoperability. It is implemented as a pluggable module within the Axis2 architecture, as such, it requires minimum changes to the Web applications. The core fault tolerance mechanisms used in BFT-WS are based on the well-known Castro and Liskov’s BFT algorithm for optimal efficiency. Our performance measurements confirm that BFT-WS incurs only moderate runtime overhead considering the complexity of the mechanisms

Uma estratégia para implementação de tolerância a intrusões em redes WAN

Tese (doutorado) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Engenharia de Automação e Sistemas, Florianópolis, 2014.A Internet é conhecida por agregar os mais diversos sistemas computacionais, que variam desde a arquitetura de máquina, sistemas operacionais até aplicativos finais de usuários. Além disso, nos últimos anos existe uma demanda crescente na utilização desses sistemas computacionais em aplicações críticas que forneçam um serviço correto e ininterrupto sobre redes de longa distância como a Internet (WANs). Mas, estas WANs se caracterizam como redes públicas de fácil acesso. Isto torna estes ambientes suscetíveis a um conjunto de problemas que colocam em risco a integridade destes serviços críticos quando disponíveis nestas redes. São problemas de segurança, com ataques aos mesmos tentando explorar possíveis vulnerabilidades das implementações destes serviços. São também problemas de confiabilidade devido ao uso continuo e concorrente nestes ambientes abertos.Nesta tese, fizemos um estudo visando encontrar soluções que melhorassem as condições de segurança e confiabilidade destes serviços, usando tecnologias como Web Services e Virtualização aliadas a conceitos e soluções algorítmicas próprios de Sistemas Distribuídos. As nossas soluções desenvolvidas para estes problemas tiveram como motivação as aplicações práticas das mesmas, mas sem deixar de lado aspectos conceituais importantes de Sistemas Distribuídos. Com base nestes objetivos, introduzimos um modelo híbrido de tolerância a intrusões e faltas que provoca a separação de faltas bizantinas e de crash. As faltas bizantinas são tratadas a nível local usando a virtualização. As faltas de crash que envolvem menores custos são tratadas a nível de sistema distribuídos.Abstract : The Internet is known to add all kinds of computer systems, ranging from machine architecture, operating systems, end user applications. Moreover, the last years there is an increasing demand on the use of these computing systems in critical applications that provide a correct and uninterrupted service on long distance networks such as the Internet (WAN). However, these WANs are characterized as public networks for easy access. This makes these environments susceptible to a set of problems, which put at risk the integrity of these critical services when available in these networks. They are security issues with the same attacks attempting to exploit potential vulnerabilities of these services implementations. Also are reliability problems due to continuous use and concurrent in these open environments. In this thesis, we did a study to finding solutions that improve the safety and reliability of these services, using technologies such as Web Services and Virtualization concepts and combined with own algorithmic solutions Distributed Systems. Our solutions to these problems were developed as motivation the practical applications of the same, but without neglecting important conceptual aspects of Distributed Systems. Based on these goals, we introduce a hybrid model for intrusion tolerance and faults which causes the separation of Byzantine and crash faults. Byzantine faults are handled locally using virtualization. The crash faults involving lower costs are treated at the level of distributed system