Back to Main Page

Security of Online Information

BARBARA LISKOV - MIT Slides - 208 KB Download - 256 MB Watch the Talk (20:11)

Before long we can expect that everything will be stored online in storage services offered over the Internet. Already online storage services are being offered (e.g., by Google and Amazon) and some companies are moving to take advantage of these offerings. In the future, we can expect that personal data, medical records, scientific data, and corporate data will be stored in such services.

Individuals will obtain great value from using these services. One major advantage over keeping your data on your PC is that your data becomes accessible from anywhere, e.g., from your cell phone or in an Internet cafe. Another major advantage is that individuals are no longer responsible for making timely backups; instead backups will be done automatically, and users need no longer worry about the consequences of a catastrophic failure of their machine. Health care will benefit from online Internet availability as well. Storing medical records in an Internet storage service allows the records to be accessible when needed, from where the patient happens to be at the time. These are but two examples.

To support customer needs, online support services must satisfy a number of requirements. Two important requirements are reliability and availability. Users want to be certain that the information is stored reliably, so that it will not be lost, and that it is highly available, so that the information can be accessed when needed.

There are important technical issues that underlie providing availability and reliability. It is readily apparent that if data is stored at just one computer, a failure of that machine makes the data unavailable for the duration of the failure, and might even cause permanent loss of the information. Therefore having copies stored at multiple replica machines is necessary. Ensuring that the replicated storage provides a behavior that makes sense to users is non-trivial and requires the use of replication protocols.

The details of replication protocols differ depending on the types of failures that need to be handled. Research during the late 1980's led to the development of robust and efficient protocols that handle "benign" failures in which replicas are either running correctly or have failed and are not responding. These protocols are now being used in industry, after a lag of about a decade from invention to adoption. Meanwhile the research community moved on to consider how to cope with "Byzantine" failures, in which failed machines can behave arbitrarily. For example, a failed machine might indicate (by sending a message) that it is carrying out a request to write some new information, but instead discard the request. Byzantine failures happen due to errors in software, and importantly because of the malicious attacks, e.g., viruses and worms, that are frequently being launched on the Internet.

Today there are efficient protocols to handle Byzantine failures. These protocols have yet to be adopted widely by industry, but this will likely happen within the next several years. Meanwhile researchers have moved on to study how to support other requirements. A very important requirement is how to ensure privacy for confidential information (such as medical records) that is stored in an online service.

Footnote: Barbara Liskov was named the 2008 ACM A. M. Turing Award Winner; the award, named for British mathematician Alan M. Turing, is widely considered to be the "Nobel Prize in Computing."