An architecture to resilient and highly available identity providers based on OpenID standard / Uma arquitetura para provedores de identidade resistente e altamente disponíveis com base no padrão OpenID

Cunha, Hugo Assis

26 September 2014

Submitted by Lúcia Brandão (lucia.elaine@live.com) on 2015-07-14T15:58:20Z No. of bitstreams: 1 Dissertação - Hugo Assis Cunha.pdf: 4753834 bytes, checksum: 4304c038b5fb3c322af4b88ba5d58195 (MD5) / Approved for entry into archive by Divisão de Documentação/BC Biblioteca Central (ddbc@ufam.edu.br) on 2015-07-20T14:08:11Z (GMT) No. of bitstreams: 1 Dissertação - Hugo Assis Cunha.pdf: 4753834 bytes, checksum: 4304c038b5fb3c322af4b88ba5d58195 (MD5) / Approved for entry into archive by Divisão de Documentação/BC Biblioteca Central (ddbc@ufam.edu.br) on 2015-07-20T14:12:26Z (GMT) No. of bitstreams: 1 Dissertação - Hugo Assis Cunha.pdf: 4753834 bytes, checksum: 4304c038b5fb3c322af4b88ba5d58195 (MD5) / Made available in DSpace on 2015-07-20T14:12:26Z (GMT). No. of bitstreams: 1 Dissertação - Hugo Assis Cunha.pdf: 4753834 bytes, checksum: 4304c038b5fb3c322af4b88ba5d58195 (MD5) Previous issue date: 2014-09-26 / Não Informada / Quando se trata de sistemas e serviços de autenticação seguros, há duas abordagens principais: a primeira procura estabelecer defesas para todo e qualquer tipo de ataque. Na verdade, a maioria dos serviços atuais utilizam esta abordagem, a qualsabe-sequeéinfactívelefalha. Nossapropostautilizaasegundaabordagem, a qual procura se defender de alguns ataques, porém assume que eventualmente o sistema pode sofrer uma intrusão ou falha e ao invés de tentar evitar, o sistema simplesmente as tolera através de mecanismos inteligentes que permitem manter o sistema atuando de maneira confiável e correta. Este trabalho apresenta uma arquiteturaresilienteparaserviçosdeautenticaçãobaseadosemOpenIDcomuso deprotocolosdetolerânciaafaltaseintrusões, bemcomoumprotótipofuncional da arquitetura. Por meio dos diversos testes realizados foi possível verificar que o sistema apresenta um desempenho melhor que um serviço de autenticação do OpenID padrão, ainda com muito mais resiliência, alta disponibilidade, proteção a dados sensíveis e tolerância a faltas e intrusões. Tudo isso sem perder a compatibilidade com os clientes OpenID atuais. / Secure authentication services and systems typically are based on two main approaches: the first one seeks to defend itself of all kind of attack. Actually, the major current services use this approach, which is known for present failures as well as being completely infeasible. Our proposal uses the second approach, which seeks to defend itself of some specific attacks, and assumes that eventually the system may suffer an intrusion or fault. Hence, the system does not try avoiding the problems, but tolerate them by using intelligent mechanisms which allow the system keep executing in a trustworthy and safe state. This research presents a resilient architecture to authentication services based on OpenID by the use of fault and intrusion tolerance protocols, as well as a functional prototype. Through the several performed tests, it was possible to note that our system presents a better performance than a standard OpenID service, but with additional resilience, high availability, protection of the sensitive data, beyond fault and intrusion tolerance, always keeping the compatibility with the current OpenID clients.

Tolerância a faltas e intrusões

Sistemas resilientes

Replicação de máquinas de estado

Fault and intrusion tolerance

Resilient systems

State machine replication

OpenID

Synchronization and Fault-tolerance in Distributed Algorithms / Synchronisation et tolérance aux défaillances en algoritmique répartie

Blanchard, Peva

24 September 2014

Dans la première partie de ce mémoire, nous étudions le modèle des protocoles de population, introduit dans\cite{DBLP:conf/podc/BeauquierBCK10}. Ce modèle permet de représenter les grands réseaux de capteurs (ou agents) mobiles anonymes dotés de faibles ressources. Les contraintes de ce modèle sont si sévères que la plupart des problèmes classiques d'algorithmique répartie, tels que la collecte de données, le consensus ou l'élection d'un leader, sont difficiles à analyser, sinon impossibles à résoudre.Nous commençons notre étude par le problème de collecte de données. Celui-ci consiste principalement à transférer des valeurs réparties dans la population d'agents mobiles vers une station de base en un minimum de temps (temps de convergence). En utilisant un hypothèse d'équité, dite hypothèse de temps couvertures et introduite dans \cite{DBLP:conf/podc/BeauquierBCK10}, nous calculons des bornes optimales sur le temps de convergences de différents protocoles concrets. Ensuite, nous étudions le problème du consensus et d'élection de leader. Il a été montré que ces problèmes sont impossibles à résoudre dans le modèle original des protocoles de population. Pour contourner cette impossibilité, il est possible d'adjoindre au modèle certaines hypothèses sous la forme d'oracles. Nous proposons ensuite divers oracles permettant de résoudre le problème du consensus et d'élection de leader dans divers environnements, et nous étudions leurs puissances relatives. Ce faisant, nous développons un cadre formel permettant de représenter toutes les variétés d'oracles introduites, ainsi que leur possibles relations.Dans la seconde partie de ce mémoire, nous étudions le problème de la réplication de machine à états finis dans le modèle (classique) de communications asynchrones à passage de message. L'algorithme Paxos, introduit dans \cite{lamportPartTimeParliament,lamport01paxos} est une solution (partielle) bien connue au problème de la réplication capable de tolérer des pannes crash. Notre contribution, dans cette partie,consiste à améliorer Paxos afin qu'il puisse également tolérer des défaillances transitoires. Ce faisant, nous définissons la notions de machine répliquée pratiquement autostable. / In the first part of this thesis, we focus on a recent model, calledpopulation protocols, which describes large networksof tiny wireless mobile anonymous agents with very limited resources.The harsh constraints of the original model makes most of theclassical problems of distributed algorithmics, such as datacollection, consensus and leader election, either difficult to analyzeor impossible to solve.We first study the data collection problem, which mainly consists intransferring some values to a base station. By using a fairnessassumption, known as cover times, we compute tight bounds on theconvergence time of concrete protocols. Next, we focus on theproblems of consensus and leader election. It is shown that theseproblems are impossible in the original model. To circumvent theseissues, we augment the original model with oracles, and study theirrelative power. We develop by the way a formal framework generalenough to encompass various sorts of oracles, as well as theirrelations.In the second part of the thesis, we study the problem ofstate-machine replication in the more classical model of asynchronousmessage-passing communication. The Paxos algorithm is a famous(partial) solution to the state-machine replication problem whichtolerates crash failures. Our contribution is the enhancement of Paxosin order to tolerate transient faults as well. Doing so, we define thenotion of practically self-stabilizing replicated state-machine.

Algorithmique répartie

Protocoles de population

Tolérance aux défaillances

Auto-stabilisation

Collecte de données

Consensus

Élection de leader

Réplication

Oracles

Distributed algorithms

Population protocols

Fault tolerance

Self-stabilization

Data collection

Consensus

Leader election

State-machine replication

Oracles