Designing Secure and Reliable Applications using Fragmentation-Redundancy-Scattering: an Object-Oriented Approach

  • Jean-Charles Fabre
  • Yves Deswarte
  • Brian Randell
Conference paper
Part of the ESPRIT Basic Research Series book series (ESPRIT BASIC)

Abstract

Security and reliability issues in distributed systems have been investigated for several years at LAAS using a technique called Fragmentation-Redundancy-Scattering (FRS). The aim of FRS is to tolerate both accidental and intentional faults: the core idea consists in fragmenting confidential information in order to produce insignificant fragments and then in scattering the fragments so obtained in a redundant fashion across a distributed system, such as a large network of workstations and servers. Of these workstations, in principle just the user’s own workstation needs to be regarded as trusted, whereas from this user’s viewpoint the other workstations and servers, which in all probability are under someone else’s control, can be untrusted devices.

This paper describes an object-oriented approach to the use of FRS, now under development at LAAS and Newcastle. This approach greatly eases the task of application programmers who seek to ensure reliable secure processing, as well as storage, of confidential information. The approach involves fragmenting a confidential object using its composition structure, i.e., in terms of a hierarchy of sub-objects (the “is-part-of” relation of the object model), each of course with its own subsidiary operations or “methods”. The fragmentation process continues until the resulting sub-objects are, as far as possible, individually non-confidential. Replicas of non-confidential objects are then scattered among untrusted stations. By such means much of the processing of object methods, as well as the storing of much object state information, can be carried out safely on untrusted equipment.
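
The fragmentation and scattering steps described in the abstract, as an added Python sketch that is not code from the paper or from the LAAS/Newcastle work. The class and function names, the random placement of replicas, the choice of three replicas, keeping residual confidential leaves on the trusted workstation, and the sample record are all assumptions made for illustration.

```python
import copy
import secrets
from dataclasses import dataclass, field

@dataclass
class Obj:
    name: str
    confidential: bool
    state: str = ""
    parts: list = field(default_factory=list)   # "is-part-of" sub-objects

def fragment(obj, path=""):
    """Walk the composition hierarchy; return (scatterable, residual) lists of (path, Obj)."""
    here = f"{path}/{obj.name}"
    if not obj.confidential:
        return [(here, obj)], []          # non-confidential as a whole: scatter it intact
    if not obj.parts:
        return [], [(here, obj)]          # confidential leaf: cannot be fragmented further
    scatterable, residual = [], []
    for part in obj.parts:
        s, r = fragment(part, here)
        scatterable += s
        residual += r
    return scatterable, residual

def scatter(obj, stations, replicas=3):
    """Place replicas on untrusted stations; the structure map stays on the trusted one."""
    scatterable, residual = fragment(obj)
    stores = {s: {} for s in stations}    # what each untrusted station ends up holding
    trusted_map = {}                      # path -> (opaque id, replica holders)
    rng = secrets.SystemRandom()
    for path, frag in scatterable:
        fid = secrets.token_hex(8)        # opaque id: reveals no parent or path (assumed scheme)
        holders = rng.sample(stations, replicas)
        for s in holders:
            stores[s][fid] = copy.deepcopy(frag)
        trusted_map[path] = (fid, holders)
    return stores, trusted_map, {p: o.state for p, o in residual}

def read(path, stores, trusted_map, failed=()):
    """Fetch a fragment from the first replica holder that is still reachable."""
    fid, holders = trusted_map[path]
    for s in holders:
        if s not in failed:
            return stores[s][fid]
    raise LookupError(f"all replicas of {path} lost")

# Constructed sample: the record is confidential as a whole; most parts are not on their own.
RECORD = Obj("record", True, parts=[
    Obj("identity", True, parts=[Obj("name", False, "A. Example"), Obj("city", False, "Toulouse")]),
    Obj("diagnosis", True, parts=[Obj("code", False, "J45"), Obj("notes", True, "free text")]),
])
STATIONS = [f"ws{i}" for i in range(6)]
```

In this sketch an untrusted station holds only sub-objects filed under opaque identifiers; the mapping from composition path to identifier, which is what ties the fragments back into the confidential whole, exists only in `trusted_map`.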

Keywords

ECSC 


Copyright information

© ECSC — EC — EAEC, Brussels — Luxembourg 1995

Authors and Affiliations

  • Jean-Charles Fabre (1)
  • Yves Deswarte (1)
  • Brian Randell (2)
  1. LAAS-CNRS, France
  2. University of Newcastle upon Tyne, UK
