The Architecture of the Starfish System: Mapping the Survivability Space
Kim Kihlstrom, Chris Phillips, Chris Ritchey, Ben LaBarbera (Westmont College)
Priya Narasimhan (Carnegie Mellon University)
The Starfish System
IASTED PDCS 2003
Starfish Goals
Provide survivability for middleware applications
Not specific to any middleware system
Applicable to local and wide area systems
Provide support for connected enterprises such as web services
Allow linking of multiple Starfish
Starfish Protocol Stack
Creating the Survivability Space
Define what is meant by survivability
Evaluate existing systems
Identify tradeoffs in survivability issues
Develop cohesive framework for survivable system design
Survivability
Encompasses but goes beyond reliability and security
Provides useful services even in the event of malicious attacks, intrusions, accidents, or faults
Survivability Space
Reliability Subspace
Security Subspace
Quality of Service Subspace
Mapping of Prior Systems
Mapped a number of existing systems onto the survivability space
Starfish Philosophy
Starfish allows for tradeoffs between security, reliability, and quality of service by providing body, shoulders, and arm regions
Body: Byzantine fault model and high security guarantees, but lower performance and not scalable to wide areas or large numbers of processors
Arms: High performance and highly scalable, but supports only crash/omission/timing fault model and less stringent security guarantees
Shoulders: Intermediate fault tolerance, security, performance and scalability
Linked Starfish
Starfish Reliability Subspace
Starfish Security Subspace
Starfish Quality of Service Subspace
Reliability Mechanisms
Active and passive replication
Majority voting
Secure reliable ordered multicast
Byzantine fault detector
Value fault detector
Secure membership
Vaccination
Timeouts
Retransmission
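As an added illustration (not code from the Starfish paper or system), the following voter combines two of the reliability mechanisms listed above, majority voting and a value fault detector, for the Byzantine fault model of the body region described under Starfish Philosophy. The quorum sizes are the standard 2f+1 (value faults) and f+1 (crash/omission faults) arithmetic, assumed here rather than taken from the slides; replica names and replies are constructed sample data.

```python
from collections import Counter
from typing import Any, Dict, Optional, Set, Tuple

# Added illustration of majority voting with a value fault detector for a
# Byzantine (body-region) fault model. Quorum sizes are the standard
# 2f+1 / f+1 arithmetic, assumed here; they are not quoted from Starfish.

def replicas_needed(f: int, byzantine: bool) -> int:
    """Replicas required to mask up to f faulty replicas.

    Under a Byzantine/value fault model the voter needs a correct majority,
    so 2f+1 replicas; under a crash/omission model (the arm regions) any
    single surviving reply is trustworthy, so f+1 suffice.
    """
    return 2 * f + 1 if byzantine else f + 1

def majority_vote(replies: Dict[str, Optional[Any]], f: int
                  ) -> Tuple[Any, Set[str], Set[str]]:
    """Vote over replica replies; None marks a missing (crash/omission) reply.

    Returns (agreed_value, value_faulty, omitted). With at most f faulty
    replicas, any value backed by f+1 or more replies came from at least one
    correct replica, so it is safe to adopt; a faulty minority can never
    reach f+1 backers on its own.
    """
    if len(replies) < replicas_needed(f, byzantine=True):
        raise ValueError("too few replicas to mask %d value faults" % f)
    omitted = {r for r, v in replies.items() if v is None}
    counts = Counter(v for v in replies.values() if v is not None)
    if not counts:
        raise ValueError("no replies received")
    winner, support = counts.most_common(1)[0]
    if support < f + 1:
        raise ValueError("no value backed by f+1 replies; cannot decide safely")
    # Replicas that answered but disagreed with the majority: value faults.
    value_faulty = {r for r, v in replies.items()
                    if v is not None and v != winner}
    return winner, value_faulty, omitted

if __name__ == "__main__":
    # Constructed sample: five replicas, f=2, one wrong value, one omission.
    sample = {"r1": 42, "r2": 42, "r3": 7, "r4": 42, "r5": None}
    print(majority_vote(sample, f=2))  # (42, {'r3'}, {'r5'})
```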
Security Mechanisms
Threshold scheme
Encryption
Identifiers
Passwords
MACs
Signatures
Byzantine fault detector
Value fault detector
Secure membership
Logging
Anomaly detection
Sandboxing
Intrusion history
Message digests
State transfer
Quarantine
Vaccination
Membership
Removal
Recovery
Quality of Service Mechanisms
Removal/addition
Migration
Hierarchical Groups
Message prioritization
Optimistic Delivery
Live Upgrades
Conclusions
Mapping of prior systems to survivability space
Mapping of Starfish body, shoulders, and arms to survivability space
Identification of survivability properties and mechanisms for Starfish body, shoulders, and arms
Questions and Feedback
Kim Kihlstrom: [email protected], http://homepage.westmont.edu/kimkihls/
Priya Narasimhan: [email protected], http://www.cs.cmu.edu/~priya/
Chris [email protected]