Auditable Restoration of Distributed Programs

TL;DR

This paper introduces a self-stabilizing, bounded-state protocol for auditable restoration in distributed systems, enabling authorized processes to detect auditable events and restore normal operation while handling faults.

Contribution

It presents a novel protocol that ensures auditable events are globally recognized and only authorized processes can initiate restoration, even amidst faults.

Findings

Protocol is self-stabilizing and bounded in state space.

Effectively handles faults during restoration.

Enables auditable restoration for other distributed protocols.

Abstract

We focus on a protocol for auditable restoration of distributed systems. The need for such protocol arises due to conflicting requirements (e.g., access to the system should be restricted but emergency access should be provided). One can design such systems with a tamper detection approach (based on the intuition of "break the glass door"). However, in a distributed system, such tampering, which are denoted as auditable events, is visible only for a single node. This is unacceptable since the actions they take in these situations can be different than those in the normal mode. Moreover, eventually, the auditable event needs to be cleared so that system resumes the normal operation. With this motivation, in this paper, we present a protocol for auditable restoration, where any process can potentially identify an auditable event. Whenever a new auditable event occurs, the system must reach an "auditable state" where every process is aware of the auditable event. Only after the system reaches an auditable state, it can begin the operation of restoration. Although any process can observe an auditable event, we require that only "authorized" processes can begin the task of restoration. Moreover, these processes can begin the restoration only when the system is in an auditable state. Our protocol is self-stabilizing and has bounded state space. It can effectively handle the case where faults or auditable events occur during the restoration protocol. Moreover, it can be used to provide auditable restoration to other distributed protocol.