SecureSMART: A Security Architecture for BFT Replication Libraries

TL;DR

SecureSMART introduces a comprehensive security architecture for BFT replication libraries, enhancing security through dynamic key management, integrity, confidentiality, and access control mechanisms to facilitate wider real-world deployment.

Contribution

It presents SecureSMART, a novel security architecture that integrates multiple security features for BFT systems, extending beyond low-level protocols.

Findings

Provides dynamic key distribution for BFT systems

Ensures internal and external data integrity and confidentiality

Includes mechanisms for availability and access control

Abstract

Several research projects have shown that Byzantine fault tolerance (BFT) is practical today in terms of performance. Deficiencies in other aspects might still be an obstacle to a more wide-spread deployment in real-world applications. One of these aspects is an over-all security architecture beyond the low-level protocol. This paper proposes the security architecture SecureSMART, which provides dynamic key distribution, internal and external integrity and confidentiality measures, as well as mechanisms for availability and access control. For this purpose, it implements security mechanism among clients, nodes and an external trust center.