miguel pupo correia           
 

software

  • SafeCloudFS aka RockFS - single cloud or cloud-of-clouds file system resilient to client side attacks

    • SafeCloudFS is a file system backed by a single cloud or a cloud-of-clouds that is resilient to client-side attacks. SafeCloudFS provides two sets of security mechanisms to be integrated with the client side of a file system: (1) a recovery service capable of undoing unintended file operations without losing valid file operations that occurred after the attack; and (2) device data security mechanisms that store encryption keys safely, reducing the probability of the credentials being compromised by attackers, and that protect cached data. See the RockFS paper at Middleware 2018 and the SCFS paper at Usenix ATC 2014. Implemented by David Matos, Ricardo Mendes and Tiago Oliveira.

  • Rectify black-box intrusion recovery system for PaaS clouds

    • Web applications hosted on clouds are exposed to cyberattacks that can modify their state. PaaS offerings often provide a backup service that allows restoring the application state after a serious attack, but all valid state changes since the last backup are lost. Rectify is a service designed to be deployed alongside the application in a PaaS container and to support its recovery without losing valid state changes. It is black-box in the sense that it does not require changing the application code (unlike Shuttle). See paper at Middleware 2017. Implemented by David Matos.

  • SafeAudit / S-Audit cloud storage integrity verification service

    • The S-Audit software library provides integrity verification of data stored in commercial clouds. It uses homomorphic authentication with digital signatures, so the protected data does not have to be retrieved from the cloud to be verified. The service was integrated with a cloud-backed file system called SCFS to show how it can be used in practice. See paper at TrustCom 2018. Implemented by Filipe Apolinário.

  • ITZ Library - Virtual Machine Introspection for ARM TrustZone

    • ITZ is a VMI library for ARM TrustZone. It allows inspecting the normal world from code running in the secure world. See paper at QRS 2018. Implemented by Miguel Guerra.

  • NoSQL Undo recovery tool for NoSQL databases

    • NoSQL databases offer high throughput and support huge data structures, but typically provide only basic backup and restore mechanisms. These mechanisms allow recovering a database from a crash, but not removing undesired operations caused by accidental or malicious actions. NoSQL Undo is a tool that allows database administrators to remove the effect of undesirable actions by undoing operations, leading the system to a consistent state. The current version works with MongoDB. See paper at NCA 2016. Implemented by David Matos.

  • Chrysaor fine-grained fault-tolerant cloud-of-clouds MapReduce

    • Chrysaor is a platform that allows MapReduce computations to scale out to multiple clouds, similarly to Medusa. Chrysaor is based on a fine-grained replication scheme that tolerates faults at the task level. It has three important properties: it tolerates arbitrary faults and cloud outages at reasonable cost; it requires minimal modifications to the users' applications; and it does not involve changes to the Hadoop source code. See paper at CCGrid 2017. Implemented by Pedro Costa.

  • Medusa fault-tolerant cloud-of-clouds MapReduce

    • Medusa is a platform that allows MapReduce computations to scale out to multiple clouds and tolerate several types of faults. First, it is transparent to the user, who writes her typical MapReduce application without modification. Second, it does not require any modification to the widely used Hadoop framework. Third, the proposed system goes well beyond the fault-tolerance offered by MapReduce to tolerate arbitrary faults, cloud outages, and even malicious faults caused by corrupt cloud insiders. Fourth, it achieves this increased level of fault tolerance at reasonable cost. See paper at CCGrid 2016. Implemented by Pedro Costa.

  • PREMIUM - Private REactive MultIpath commUnication Middleware

    • PREMIUM provides a mechanism to split network traffic among multiple paths and is able to react in near real-time to hijacking attacks. The solution uses two components: MACHETE and Darshana. The first is a multipath communication component that splits data, with Multipath TCP (MPTCP), among multiple physical paths on top of an overlay network, using multiple Internet Service Providers (ISPs) through multihoming whenever possible. The second is a route hijacking monitor that uses a combination of detection mechanisms to alert users that their data traffic is likely being intercepted. The end client uses this reactive middleware so that hijack alerts can trigger path changes to protect the communication. Implemented by Isabel Costa, Diogo Raposo, Karan Balu, and David Matos.

  • MACHETE - multi-path communication (most recent implementation is part of PREMIUM)

    • Protocols such as HTTPS may be used to protect communication, but occasionally vulnerabilities that allow snooping on packet content are discovered. MACHETE is an application-layer multi-path communication mechanism that provides additional confidentiality by splitting data streams across different physical paths. MACHETE has to handle two challenges: sending packets over different paths when the Internet's routing imposes a single path between a pair of network interfaces, and splitting streams of data sent over TCP connections. MACHETE leverages overlay networks and multihoming to handle the first challenge and Multipath TCP (MPTCP) to handle the second. MACHETE establishes an overlay network and scatters the data over the available paths, thus reducing the effectiveness of snooping attacks. See paper at NCA 2016. Implemented by Diogo Raposo.

  • vtTLS - vulnerability-tolerant channels for transport layer security

    • There are often concerns about the strength of some of the encryption mechanisms used in SSL/TLS channels, with some regarded as insecure at some point in time. vtTLS is our solution to mitigate the problem of secure communication channels being vulnerable to attacks due to unexpected vulnerabilities in encryption mechanisms. It is based on diversity and redundancy of cryptographic mechanisms and certificates to provide a secure communication channel even when one or more mechanisms are vulnerable. vtTLS relies on a combination of k cipher suites: even if k-1 cipher suites are insecure or vulnerable, vtTLS relies on the remaining cipher suite to keep the channel secure. vtTLS is based on OpenSSL. See paper at NCA 2016. Implemented by André Joaquim.

  • Shuttle intrusion recovery service for PaaS clouds

    • Shuttle is a service that allows cloud consumers to recover from intrusions in their cloud applications. It combines a record-and-replay approach with the elasticity provided by cloud offerings to recover applications deployed on various instances and backed by distributed databases. See paper at ICDCS 2015. Implemented by Dário Nascimento.

  • WAP - automatic Web Application Protection (OWASP project)

    • A tool that searches for vulnerabilities in web applications written in PHP using static source code analysis and data mining, then inserts fixes for the vulnerabilities found. See papers at WWW 2014 and IEEE Transactions on Reliability 2015. Implemented by Ibéria Medeiros.

  • SCFS cloud-backed file system (most recent implementation is part of SafeCloudFS)

    • SCFS is a cloud-backed file system that provides strong consistency even on top of eventually-consistent cloud storage services. It is built on top of FUSE, thus providing a POSIX-like interface. SCFS also provides a pluggable backend that allows it to work with a single cloud or with a cloud-of-clouds. See paper at Usenix ATC 2014. Implemented by Ricardo Mendes and Tiago Oliveira.

  • DepSky - cloud-of-clouds storage

    • A programming library that implements the DepSky cloud-of-clouds replication algorithms. These algorithms use Byzantine quorum systems together with secret sharing and erasure codes to spread data across a diverse set of clouds, ensuring provider fault tolerance and confidentiality. See papers at EuroSys 2011 and ACM Trans. Storage 2013. Implemented by Alysson Bessani, Bruno Quaresma and Fernando André.

  • JITeR - Just-In-Time Routing

    • An algorithm that routes messages in a timely manner at the application layer using overlay networking and multihoming, leveraging the natural redundancy of wide-area IP networks. See paper at ComNet 2016. Implemented by Alexandre Fonseca, Rui Silva, and Pedro Luz.

  • php parser

    • A Java parser for PHP 5.3 that is the core of WAP. Implemented by Ibéria Medeiros.

  • MinBFT, MinZyzzyna, Spinning and EBAWA

    • Asynchronous Byzantine fault-tolerant state machine replication (BFT) algorithms that are minimal and efficient in WANs. See papers at IEEE Transactions on Computers 2013, SRDS 2009 and HASE 2010. Implemented by Giuliana S. Veronese. MinBFT is now being reimplemented in Go by the Hyperledger project!

  • Randomized Intrusion-Tolerant Asynchronous Services (RITAS)

    • A toolkit of intrusion-tolerant randomized agreement protocols. See our 2006 DSN and SRDS papers. Implemented by Henrique Moniz.

  • Detector of integEr vulnerabilitiEs in softwarE Portability (DEEEP)

    • A static analysis tool that finds integer vulnerabilities caused by problems when porting code from 32 to 64 bit processors. Implemented by Ibéria Medeiros.

  • Dependable Tuple Space (DepSpace)

    • An intrusion-tolerant coordination service. See paper at EuroSys 2008. Implemented by Alysson Bessani, Eduardo Alchieri, and others.

  • Trusted Timely Computing Base (TTCB)

    • A secure component used to support intrusion-tolerant protocols. See my 2002 EDCC and SRDS papers or my PhD thesis. Implemented by me and Pedro Martins.

 

Besides LASIGE's and GSD's distributed computing testbeds, we frequently run experiments at Emulab, PlanetLab, and Amazon AWS. My warm thanks to the promoters of those platforms.

 

last update: 02-10-2018