In this paper, we present a Byzantine fault tolerant distributed commit
protocol for transactions running over untrusted networks. The traditional
two-phase commit protocol is enhanced by replicating the coordinator and by
running a Byzantine agreement algorithm among the coordinator replicas. Our
protocol can tolerate Byzantine faults at the coordinator replicas and a subset
of malicious faults at the participants. A decision certificate, which includes
a set of registration records and a set of votes from participants, is used to
help the coordinator replicas reach a Byzantine agreement on the outcome of each
transaction. The certificate also limits the ways in which a faulty replica can
cause non-atomic termination of transactions or semantically incorrect
transaction outcomes.

Comment: To appear in the proceedings of the 3rd IEEE International Symposium
on Dependable, Autonomic and Secure Computing, 200
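As an added illustration, not code from the paper, the following Python models the decision certificate the abstract describes: a set of registration records plus a set of participant votes, each authenticated by the participant, which every coordinator replica checks independently before accepting a proposed outcome. The abstract gives no concrete format or rules, so the details here are assumptions: records are authenticated with HMAC over keys the participant shares with the coordinator, a transaction may commit only if every registered participant has a YES vote in the certificate, and a proposed outcome needs 2f+1 matching replica verdicts out of 3f+1 replicas. The example shows that a faulty replica proposing COMMIT on an incomplete or tampered certificate cannot reach agreement, because honest replicas derive a different outcome from the same certificate.

```python
"""Toy model of a decision certificate for replicated-coordinator 2PC.

Illustration only; the record formats, HMAC authenticators, commit rule and
2f+1 quorum are assumptions, not the paper's actual protocol.
"""
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class Registration:
    txid: str
    participant: str
    tag: bytes  # authenticator over ("REG", txid, participant)


@dataclass(frozen=True)
class Vote:
    txid: str
    participant: str
    choice: str  # "YES" or "NO"
    tag: bytes  # authenticator over ("VOTE", txid, participant, choice)


@dataclass(frozen=True)
class DecisionCertificate:
    txid: str
    registrations: frozenset  # of Registration
    votes: frozenset  # of Vote


def _mac(key: bytes, *fields: str) -> bytes:
    return hmac.new(key, "|".join(fields).encode(), hashlib.sha256).digest()


def register(key: bytes, txid: str, participant: str) -> Registration:
    """Participant announces it takes part in txid (assumed registration record)."""
    return Registration(txid, participant, _mac(key, "REG", txid, participant))


def cast_vote(key: bytes, txid: str, participant: str, choice: str) -> Vote:
    """Participant's prepare-phase vote, authenticated with its key."""
    if choice not in ("YES", "NO"):
        raise ValueError("vote must be YES or NO")
    return Vote(txid, participant, choice, _mac(key, "VOTE", txid, participant, choice))


def verify_certificate(cert: DecisionCertificate, keys: dict) -> set:
    """Check every authenticator and that votes come only from registered
    participants. Returns the set of registered participants; raises
    ValueError on any tampered, foreign or unauthorized record."""
    registered = set()
    for r in cert.registrations:
        if r.txid != cert.txid or r.participant not in keys:
            raise ValueError(f"unknown registration from {r.participant!r}")
        if not hmac.compare_digest(r.tag, _mac(keys[r.participant], "REG", r.txid, r.participant)):
            raise ValueError(f"bad registration tag for {r.participant!r}")
        registered.add(r.participant)
    for v in cert.votes:
        if v.txid != cert.txid or v.participant not in registered:
            raise ValueError(f"vote from unregistered participant {v.participant!r}")
        expected = _mac(keys[v.participant], "VOTE", v.txid, v.participant, v.choice)
        if not hmac.compare_digest(v.tag, expected):
            raise ValueError(f"bad vote tag for {v.participant!r}")
    return registered


def decide(cert: DecisionCertificate, keys: dict) -> str:
    """Outcome an honest replica derives from a certificate (assumed rule):
    any NO aborts; a YES from every registered participant commits;
    otherwise the certificate is incomplete and no decision is possible."""
    registered = verify_certificate(cert, keys)
    if any(v.choice == "NO" for v in cert.votes):
        return "ABORT"
    yes_from = {v.participant for v in cert.votes if v.choice == "YES"}
    if registered and registered <= yes_from:
        return "COMMIT"
    return "UNDECIDED"


def replica_accepts(claimed: str, cert: DecisionCertificate, keys: dict) -> bool:
    """An honest replica accepts a proposal only if the certificate yields
    the claimed outcome; invalid certificates are rejected outright."""
    try:
        return decide(cert, keys) == claimed
    except ValueError:
        return False


def agreement(claimed: str, cert: DecisionCertificate, keys: dict, honest: list, f: int) -> bool:
    """Byzantine agreement on the proposal among len(honest) replicas, each
    flagged honest or faulty. Faulty replicas are modelled as endorsing the
    proposal (worst case for a bogus one); 2f+1 endorsements are required."""
    endorsements = sum(replica_accepts(claimed, cert, keys) if h else 1 for h in honest)
    return endorsements >= 2 * f + 1
```

With four coordinator replicas (f = 1), one of them faulty, a COMMIT proposal backed by a certificate missing one participant's vote collects only the faulty replica's endorsement and fails the quorum, while the same proposal over a complete all-YES certificate is endorsed by all honest replicas. A vote whose choice was altered after the fact fails its authenticator and is rejected at verification, before any outcome is derived.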