Designing secure and reliable applications using fragmentation-redundancy-scattering: an object-oriented approach

  • Jean-Charles Fabre
  • Yves Deswarte
  • Brian Randell
Session 1: Fault-tolerance techniques
Part of the Lecture Notes in Computer Science book series (LNCS, volume 852)


Security and reliability issues in distributed systems have been investigated for several years at LAAS using a technique called Fragmentation-Redundancy-Scattering (FRS). The aim of FRS is to tolerate both accidental and intentional faults: the core idea consists in fragmenting confidential information in order to produce insignificant fragments and then in scattering the fragments so obtained in a redundant fashion across a distributed system, such as a large network of workstations and servers. Of these workstations, in principle just the user's own workstation needs to be regarded as trusted, whereas from this user's viewpoint the other workstations and servers, which in all probability are under someone else's control, can be untrusted devices.

This paper describes an object-oriented approach to the use of FRS, now under development at LAAS and Newcastle. This approach greatly eases the task of application programmers who seek to ensure reliable secure processing, as well as storage, of confidential information. The approach involves fragmenting a confidential object using its composition structure, i.e., in terms of a hierarchy of sub-objects (the “is-part-of” relation of the object model), each of course with its own subsidiary operations or “methods”. The fragmentation process continues until the resulting sub-objects are as far as possible such as to be individually non-confidential. Replicas of non-confidential objects are then scattered among untrusted stations. By such means much of the processing of object methods, as well as the storing of much object state information, can be carried out safely on untrusted equipment.
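The FRS cycle the abstract describes (fragment an object along its composition structure, replicate each fragment, scatter the replicas over untrusted sites, reassemble at the trusted station), as an added Python illustration that is not the authors' code. The personnel record, the site names and the placement rule that fragments of one object never share a site are assumptions made for this example.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Fragment:
    obj_id: str   # opaque handle of the confidential object (assumed)
    part: str     # slot in the "is-part-of" hierarchy
    payload: str  # insignificant on its own, e.g. a name or a bare number


def fragment(obj_id, record):
    """Split an object along its composition structure into sub-objects."""
    return [Fragment(obj_id, part, value) for part, value in record.items()]


def scatter(frags, sites, redundancy, seed=0):
    """Store `redundancy` replicas of each fragment on distinct untrusted sites.
    Fragments of one object never share a site (assumed placement rule), so an
    intruder on a single site learns only one insignificant part. The returned
    directory stays on the trusted station; `stores` models the untrusted sites."""
    if len(frags) * redundancy > len(sites):
        raise ValueError("not enough sites for this redundancy level")
    order = list(sites)
    random.Random(seed).shuffle(order)
    directory, stores = {}, {s: {} for s in sites}
    for i, f in enumerate(frags):
        chosen = order[i * redundancy:(i + 1) * redundancy]
        directory[(f.obj_id, f.part)] = chosen
        for s in chosen:
            stores[s][(f.obj_id, f.part)] = f.payload
    return directory, stores


def reassemble(obj_id, directory, stores, down=frozenset()):
    """Trusted station rebuilds the object from any live replica of each part;
    up to redundancy-1 failed sites per part are tolerated."""
    record = {}
    for (oid, part), replicas in directory.items():
        if oid != obj_id:
            continue
        live = [s for s in replicas if s not in down]
        if not live:
            raise RuntimeError(f"every replica of part {part!r} is unavailable")
        record[part] = stores[live[0]][(oid, part)]
    return record


def parts_visible_at(site, stores, obj_id):
    """What an intruder who controls one site sees of one object."""
    return {part: v for (oid, part), v in stores[site].items() if oid == obj_id}
```

With two fragments replicated three times over six sites, any two sites may fail without loss, and each site on its own exposes only one of the two parts.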



Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  • Jean-Charles Fabre (1)
  • Yves Deswarte (1)
  • Brian Randell (2)
  1. LAAS-CNRS & INRIA, Toulouse cedex, France
  2. Department of Computing Science, University of Newcastle upon Tyne, Newcastle upon Tyne, UK