A Language-Based Approach to Secure Quorum Replication
Venue
Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security (2014), pp. 27-39
Publication Year
2014
Authors
Lantian Zheng, Andrew C. Myers
Abstract
Quorum replication is an important technique for building distributed systems
because it can simultaneously improve both the integrity and availability of
computation and storage. Information flow control is a well-known method for
enforcing the confidentiality and integrity of information. This paper demonstrates
that these two techniques can be integrated to simultaneously enforce all three
major security properties: confidentiality, integrity and availability. It presents
a security-typed language with explicit language constructs for supporting secure
quorum replication. The dependency analysis performed by the type system of the
language provides a way to formally verify the end-to-end security assurance of
complex replication schemes. We also contribute a new multilevel timestamp
mechanism for synchronizing code and data replicas while controlling the side
channels such mechanisms introduce.
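The trade-off the abstract attributes to quorum replication, worked through in a small model. This is an added illustration, not code from the paper or its authors: it models only the standard quorum fault analysis (n replicas, at most f of them faulty, a faulty replica either silent or forging replies) and not the paper's security-typed language or its multilevel timestamp mechanism. All names (Replica, smallest_quorum, scenario, the values written) and the constructed scenarios are assumptions made for the example.

```python
"""Toy quorum-replicated register: how quorum sizes trade integrity
against availability.

Added illustration of the general quorum technique the abstract refers
to; not code from the paper, and it models neither its security-typed
language nor its multilevel timestamps.  Fault model (assumed): of n
replicas at most f are faulty; a faulty replica may stay silent (hurting
availability) or answer with forged data (hurting integrity).
"""
from collections import Counter
from dataclasses import dataclass
from math import ceil


@dataclass
class Replica:
    name: str
    value: object = None
    ts: int = 0
    crashed: bool = False   # never answers
    corrupt: bool = False   # acknowledges writes but forges reads

    def write(self, value, ts):
        if self.crashed:
            return False
        if not self.corrupt and ts > self.ts:   # corrupt replica acks, then drops it
            self.value, self.ts = value, ts
        return True

    def read(self):
        if self.crashed:
            return None
        if self.corrupt:
            return ("forged", 10**9)   # a high timestamp, so it would win "freshest"
        return (self.value, self.ts)


def smallest_quorum(n, f):
    """Smallest symmetric quorum size q for n replicas with up to f faulty.

    Availability: q must be reachable while f replicas stay silent, so q <= n - f.
    Integrity: a read quorum and the last write quorum overlap in 2q - n
    replicas, f of which may be faulty, and at least f + 1 correct replicas
    must vouch for the latest value, so 2q - n - f >= f + 1.
    Both hold only when n >= 4f + 1; otherwise None (no safe size exists).
    """
    q = ceil((n + 2 * f + 1) / 2)
    return q if q <= n - f else None


def write(replicas, q, value, ts):
    """Send the write to every replica; it succeeds once q replicas ack."""
    acks = sum(1 for r in replicas if r.write(value, ts))
    return acks >= q


def read(replicas, q, f):
    """Collect q replies and return the freshest value that at least f + 1
    replicas vouch for (so at least one of them is correct).
    Returns None when no such value exists: the read is unavailable."""
    replies = []
    for r in replicas:
        reply = r.read()
        if reply is not None:
            replies.append(reply)
        if len(replies) == q:
            break
    if len(replies) < q:
        return None
    vouched = [a for a, c in Counter(replies).items() if c >= f + 1]
    if not vouched:
        return None
    return max(vouched, key=lambda a: a[1])[0]


def scenario(n, f, q, faulty_index, fault):
    """Constructed run: write 'v1', then read it back while one replica is
    faulty ('crashed' or 'corrupt'); returns the value the reader decides on."""
    replicas = [Replica(f"r{i}") for i in range(n)]
    setattr(replicas[faulty_index], fault, True)
    assert write(replicas, q, "v1", 1)
    return read(replicas, q, f)


if __name__ == "__main__":
    print("n=5,f=1 needs q =", smallest_quorum(5, 1))          # 4
    print("n=3,f=1 safe q   =", smallest_quorum(3, 1))          # None
    print("corrupt replica masked:", scenario(5, 1, 4, 2, "corrupt"))   # v1
    print("crashed replica tolerated:", scenario(5, 1, 4, 0, "crashed"))  # v1
    print("too few replicas, read undecidable:", scenario(3, 1, 2, 1, "corrupt"))  # None
```

With five replicas and quorums of four, a forged reply is outvoted and a silent replica is simply not waited for, which is the "integrity and availability at once" the abstract describes. With three replicas there is no quorum size that satisfies both constraints: the reader sees one honest and one forged reply and cannot decide, so either integrity or availability has to give. The n >= 4f + 1 bound that falls out of the two inequalities is the classic masking-quorum bound from the Byzantine quorum systems literature, not something the paper claims.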
