Paulo Sousa, Nuno Ferreira Neves, Paulo Veríssimo
Third Workshop on Hot Topics in System Dependability (HotDep'07). Edinburgh, UK, June 2007.
A node-exhaustion-safe intrusion-tolerant distributed system is a
system that assuredly does not suffer more than the assumed number
of node failures. In a recent work, we showed that it is not
possible to build any type of node-exhaustion-safe
distributed f intrusion-tolerant system under the asynchronous
model. Some years ago, an intuition about this problem motivated
the research around proactive recovery, which made possible the
appearance of asynchronous systems that allegedly can tolerate any
number of faults over the lifetime of the system. In this paper,
we analyze each of these works in detail and explain why
they fail to achieve their goal. Afterwards, we summarize the four
problems that may affect systems employing proactive recovery.
author = "Paulo Sousa and Nuno Ferreira Neves and Paulo Verissimo",
title = "Hidden Problems of Asynchronous Proactive Recovery",
booktitle = "Third Workshop on Hot Topics in System Dependability (HotDep'07)",
year = "2007",
month = jun