AI helps you reading Science
AI generates interpretation videos
AI extracts and analyses the key points of the paper to generate videos automatically
AI parses the academic lineage of this thesis
AI extracts a summary of this paper
This paper describes a general approach to constructing cooperative services spanning multiple administrative domains in the context of a cooperative backup system
Bar tolerance for cooperative services
Symposium on Operating Systems Principles, (2005)
This paper describes a general approach to constructing cooperative services that span multiple administrative domains. In such environments, protocols must tolerate both Byzantine behaviors when broken, misconfigured, or malicious nodes arbitrarily deviate from their specification and rational behaviors when selfish nodes deviate from th...More
PPT (Upload PPT)
- This paper describes a general approach to constructing cooperative services that span multiple administrative domains (MADs).
- There currently exists no satisfactory way to model MAD services
- In these systems, the classical dichotomy between correct and faulty nodes  becomes inadequate.
- The Byzantine model classifies all deviations as faults and requires a bound on the number of faults in the system; this bound is not tenable in MAD systems where all nodes may benefit from selfish behavior and be motivated to deviate from the protocol.
- Models that only account for selfish behavior 
- This paper describes a general approach to constructing cooperative services that span multiple administrative domains (MADs)
- The Byzantine model classifies all deviations as faults and requires a bound on the number of faults in the system; this bound is not tenable in multiple administrative domains systems where all nodes may benefit from selfish behavior and be motivated to deviate from the protocol
- Our microbenchmarks show that our replicated state machine prototype can perform about 15 operations a second, an adequate level of performance for our application’s requirements
- Our work addresses the new challenges that arise in multiple administrative domains distributed systems, where the Byzantine Fault Tolerance safety requirement that fewer than one third of the nodes deviate from the assigned protocol can be violated
- This paper describes a general approach to constructing cooperative services spanning multiple administrative domains in the context of a cooperative backup system
- Experiments run on Pentium-IV machines with 2.4 Ghz processors, 1 GB of memory, and Debian Linux 3.0.
- These are shared machines, connected through 100 Mbps ethernet.
- The Emulab  experiments were run on Pentium-III machines with 850 Mhz processors, 256 Mb of RAM, and Red Hat Linux 9.
- The authors use the BouncyCastle cryptographic library and Onion Networks’ FEC library for erasure coding
- The authors evaluate the replicated state machine and BAR-B prototype.
- The authors' microbenchmarks show that the RSM prototype can perform about 15 operations a second, an adequate level of performance for the application’s requirements.
- The authors evaluate the performance of the BAR-B application.
- The authors find that the nonoptimized BAR-B prototype can back up 100 MB of data to 10 nodes in under 4 minutes and guarantee that the data are recoverable despite the failure of 3 nodes
- This paper describes a general approach to constructing cooperative services spanning MADs in the context of a cooperative backup system.
- The three primary contributions of this paper are (1) the introduction of the BAR (Byzantine, Altruistic, and Rational) model, (2) a general architecture for building services in the BAR model, and (3) an application of this general architecture to build BAR-B, the first cooperative backup service to tolerate both Byzantine users and an unbounded number of rational users
- Our work brings together Byzantine fault-tolerance and game theory.
Byzantine agreement  and Byzantine fault tolerant state machine replication have been studied in both theoretical and practical settings [6, 9, 26, 49, 55]. Our work is clearly indebted to recent research [2, 10, 36, 53, 63] that has shown how BFT can be practical in distributed systems that fall under a single administrative domain—indeed, Castro and Liskov’s BFT state machine  is the starting point for our IC-BFT state machine. Our work addresses the new challenges that arise in MAD distributed systems, where the BFT safety requirement that fewer than one third of the nodes deviate from the assigned protocol can be easily violated.
Game theory  has a long history in the economics literature [4, 28, 41] and has recently become of general interest in computer science [3, 20, 22, 23, 45, 48, 61]. Protocol and system designers have used game theoretic concepts to model behaviors in a variety of settings including routing [21, 58, 59], multicast , and wireless network . Common across these works is the assumption that all nodes behave rationally—the presence of a single Byzantine node may lead to a violation of the guarantees that these system intend to provide.
- This work was supported in part by NSF award CNS 0509338 and NSF CyberTrust award 0430510
- Lorenzo Alvisi was also supported by an Alfred P
- E. Adar and B. Huberman. Free riding on gnutella. Technical report, Xerox PARC, Aug. 2000.
- A. Adya, W. Bolosky, M. Castro, R. Chaiken, G. Cermak, J. Douceur, J. Howell, J. Lorch, M. Theimer, and R. Wattenhofer. Farsite: Federated, available, and reliable storage for an incompletely trusted environment. In 5th OSDI, Dec 2002.
- A. Akella, S. Seshan, R. Karp, S. Shenker, and C. Papadimitriou. Selfish behavior and stability of the internet: a game-theoretic analysis of tcp. In Proc. SIGCOMM, pages 117–130. ACM Press, 2002.
- R. J. Aumann. Subjectivity and correlation in randomized strategies. Journal of Mathematical Economics, 1(1):67–96, 1974.
- C. Batten, K. Barr, A. Saraf, and S. Trepetin. pStore: A secure peer-to-peer backup system. Technical Memo MIT-LCS-TM-632, Massachusetts Institute of Technology Laboratory for Computer Science, October 2002.
- G. Bracha and S. Toueg. Asynchronous consensus and broadcast protocols. J. ACM, 32(4):824–840, 1985.
- T. C. Bressoud and F. B. Schneider. Hypervisor-based fault tolerance. ACM Trans. Comput. Syst., 14(1):80–107, 1996.
- M. Burrows, M. Abadi, and R. Needham. A Logic of Authentication. In ACM Trans. Comput. Syst., pages 18–36, Feb. 1990.
- R. Canetti and T. Rabin. Optimal Asynchronous Byzantine Agreement. Technical Report 92-15, TR 92-15, Dept. of Computer Science, Hebrew University, 1992.
- M. Castro and B. Liskov. Practical Byzantine fault tolerance and proactive recovery. ACM Trans. Comput. Syst., 20(4):398–461, 2002.
- J. Chase, B. Chun, Y. Fu, S. Schwab, and A. Vahdat. Sharp: An architecture for secure resource peering. In SOSP, 2003.
- The game of chicken. http://www.gametheory.net/Dictionary/Games/GameofChicken.html.
- B. Cohen. The bittorrent home page. http://bittorrent.com.
- B. Cohen. Incentives build robustness in bittorrent. In Proc. 2nd IPTPS, 2003.
- L. Cox and B. Noble. Pastiche: Making backup cheap and easy. In Proc. 5th OSDI, Dec 2002.
- L. P. Cox and B. D. Noble. Samsara: honor among thieves in peer-to-peer storage. In Proc. 19th SOSP, pages 120–132, 2003.
- A. K. Dixit and S. Skeath. Games of Strategy. W. W. Norton & Company, 1999.
- J. R. Douceur. The Sybil attack. In Proc. 1st IPTPS, pages 251–260. Springer-Verlag, 2002.
- K. Eliaz. Fault tolerant implementation. Review of Economic Studies, 69:589–610, Aug 2002.
- J. Feigenbaum, C. H. Papadimitriou, and S. Shenker. Sharing the cost of multicast transmissions. J. Comput. Syst. Sci., 63(1):21–41, 2001.
- J. Feigenbaum, R. Sami, and S. Shenker. Mechanism design for policy routing. In Proc. 23rd PODC, pages 11–20. ACM Press, 2004.
- J. Feigenbaum and S. Shenker. Distributed algorithmic mechanism design: Recent results and future directions. In Proc. 6th DIALM, pages 1–13. ACM Press, New York, 2002.
- M. Feldman, C. Papadimitriou, J. Chuang, and I. Stoica. Free-riding and whitewashing in peer-to-peer systems. In Proc. PINS, pages 228–236. ACM Press, 2004.
- M. Fischer, N. Lynch, and M. Paterson. Impossibility of distributed consensus with one faulty process. J. ACM, 32(2):374–382, 1985.
- D. Fudenberg and J. Tirole. Game theory. MIT Press, Aug. 1991.
- J. Garay and Y. Moses. Fully Polynomial Byzantine Agreement for n>3t Processors in t + 1 Rounds. SIAM J. of Computing, 27(1), 1998.
- K. P. Gummadi, R. J. Dunn, S. Saroio, S. D. Gribbl, H. M. Levy, and J. Zahorjan. Measurement, modeling, and analysis of a peer-to-peer file-sharing workload. In Proc. 19th SOSP, 2003.
- J. Harsanyi. A general theory of rational behavior in game situations. Econometrica, 34(3):613–634, Jul. 1966.
- L. Lamport. The part-time parliament. ACM Trans. Comput. Syst., 16(2):133–169, 1998.
- L. Lamport, R. Shostak, and M. Pease. The Byzantine generals problem. ACM Trans. Program. Lang. Syst., 4(3):382–401, 1982.
- M. Lillibridge, S. Elnikety, A. Birrell, M. Burrows, and M. Isard. A cooperative internet backup scheme. In USENIX ATC, june 2003.
- M. Loney. Charity gives 40,000 pcs a fresh start. CNET News.com, February 4 2005. http://news.com.com/Charity+gives+403421.html.
- R. Mahajan, M. Rodrig, D. Wetherall, and J. Zahorjan. Sustaining cooperation in multi-hop wireless networks. In NSDI, May 2005.
- G. J. Mailath. Do people play Nash equilibrium? lessons from evolutionary game theory. Journal of Economic Literature, 36 (September 1998), 1347-1374, 1998.
- D. Malhotra. Making threats credible. Negotiation, 8(3), Mar. 2005.
- D. Malkhi and M. Reiter. Byzantine quorum systems. Distributed Computing 11/4, pages 203–213, 1998.
- D. Malkhi and M. Reiter. Secure and scalable replication in Phalanx. In Proc. 17th SRDS, Oct 1998.
- P. Maniatis, D. S. H. Rosenthal, M. Roussopoulos, M. Baker, T. Giuli, and Y. Muliadi. Preserving peer replicas by rate-limited sampled voting. In Proc. 19th SOSP, pages 44–59. ACM Press, 2003.
- J.-P. Martin, A. S. Aiyer, L. Alvisi, A. Clement, M. Dahlin, and C. Porth. BAR tolerance for cooperative services. Technical Report TR-05-10, Department of Computer Sciences, The University of Texas at Austin, Mar. 2005.
- N. H. Minsky and V. Ungureanu. Law-governed interaction: a coordination and control mechanism for heterogeneous distributed systems. ACM Trans. Softw. Eng. Methodol., 9(3):273–305, 2000.
- J. Nash. Non-cooperative games. The Annals of Mathematics, 54:286–295, Sept 1951.
- T. W. Ngan, D. Wallach, and P. Druschel. Enforcing fair sharing of peer-to-peer resources. In Proc. 2nd IPTPS, 2003.
- T.-W. Ngan, D. S. Wallach, and P. Druschel. Incentives-compatible peer-to-peer multicast. In 2nd Workshop on Economics of Peer-to-Peer Systems, 2004.
- S. J. Nielson, S. A. Crosby, and D. S. Wallach. A taxonomy of rational attacks. In Proc. 4th IPTPS, Feb. 2005.
- N. Nisanb and A. Ronenc. Algorithmic mechanism design. Games and Economic Behavior, 35:166–196, April 2001.
- N. Ntarmos and P. Triantafillou. Aesop: Altruism-endowed self organizing peers. In Proc. 2nd DBISP2P, August 2004.
- N. I. of Standards and Technology. Secure hash standard. Technical report, U.S. Department of Commerce, August 2002.
- C. Papadimitriou. Algorithms, games, and the internet. In Proc. 33rd STOC, pages 749–753. ACM Press, 2001.
- M. Reiter. The Rampart toolkit for building high-integrity services. In Dagstuhl Seminar on Dist. Sys., pages 99–110, 1994.
- S. Rhea, P. Eaton, D. Geels, H. Weatherspoon, B. Zhao, and J. Kubiatowicz. Pond: The oceanstore prototype. In FAST, 2003.
- R. L. Rivest, A. Shamir, and L. M. Adleman. A method for obtaining digital signatures and public-key cryptosystems (reprint). Commun. ACM, 26(1):96–99, 1983.
- L. Rizzo. Effective erasure codes for reliable computer communication protocols. SIGCOMM Comput. Commun. Rev., 27(2):24–36, 1997.
- R. Rodrigues, M. Castro, and B. Liskov. BASE: using abstraction to improve fault tolerance. In Proc. 18th SOSP, pages 15–28. ACM Press, Oct. 2001.
- A. Rowstron and P. Druschel. Storage management and caching in past, a large-scale, persistent peer-to-peer storage utility. In Proc. 18th SOSP, pages 188–201. ACM Press, 2001.
- F. B. Schneider. Implementing fault-tolerant services using the state machine approach: a tutorial. ACM Comput. Surv., 22(4):299–319, 1990.
- F. B. Schneider. Distributed Computing (Editor: Sape Mullender), chapter 2, ”What Good are Models and What Models are Good?”, pages 17–26. ACM Press, second edition, 1993.
- ”seti@home”. http://setiathome.ssl.berkeley.edu/.
- J. Shneidman and D. Parkes. Rationality and self-interest in peer to peer networks. In Proc. 2nd IPTPS, 2003.
- J. Shneidman and D. C. Parkes. Specification faithfulness in networks with rational nodes. In Proc. 23rd PODC, pages 88–97. ACM Press, 2004.
- J. Shneidman, D. C. Parkes, and L. Massoulie. Faithfulness in internet algorithms. In Proc. PINS, Portland, USA, 2004.
- V. Srinivasan, P. Nuggehalli, C.-F. Chiasserini, and R. R. Rao. Cooperation in wireless ad hoc networks. In INFOCOM, 2003.
- B. White, J. Lepreau, L. Stoller, R. Ricci, S. Guruprasad, M. Newbold, M. Hibler, C. Barb, and A. Joglekar. An integrated experimental environment for distributed systems and networks. In Proc. 5th OSDI, pages 255–270, Boston, MA, Dec. 2002. USENIX Association.
- J. Yin, J.-P. Martin, A. Venkataramani, L. Alvisi, and M. Dahlin. Separating agreement from execution for Byzantine fault tolerant services. In Proc. 19th SOSP, pages 253–267. ACM Press, Oct. 2003.