In this paper we present two protocols for asynchronous Byzantine Quorum Systems (BQS) built on top of reliable channels---one for self-verifying data and the other for any data. Our protocols tolerate Byzantine failures with fewer servers than existing solutions by eliminating nonessential work

We determine what information about failures is necessary and sufficient to solve Consensus in asynchronous distributed systems subject to crash failures. In [CT91], it is shown that 3W, a failure detector that provides surprisingly little information about which processes have crashed

, it incorporates mechanisms to defend against Byzantine-faulty clients, and it recovers replicas proactively. The recovery mechanism allows the algorithm to tolerate any number of faults over the lifetime of the system provided fewer than 1/3 of the replicas become faulty within a small window of vulnerability

alternative to conventional asynchronous communication protocols. The facility also ensures that the processes belonging to a fault-tolerant process group will observe consistent orderings of events affecting the group as a whole, including process failures, recoveries, migration, and dynamic changes to group

The state machine approach is a general method for implementing fault-tolerant services in distributed systems. This paper reviews the approach and describes protocols for two different failure models--Byzantine and fail-stop. System reconfiguration techniques for removing faulty components

Since 1973 technological, political, regulatory, and economic forces have been changing the worldwide economy in a fashion comparable to the changes experienced during the nineteenth century Industrial Revolution. As in the nineteenth century, we are experiencing declining costs, increaing average (but decreasing marginal) productivity of labor, reduced growth rates of labor income, excess capacity, and the requirement for downsizing and exit. The last two decades indicate corporate internal control systems have failed to deal effectively with these changes, especially slow growth and the requirement for exit. The next several decades pose a major challenge for Western firms and political systems as these forces continue to work their way through the worldwide economy.

of providing them at that low level. Examples discussed in the paper include bit error recovery, security using encryption, duplicate message suppression, recovery from system crashes, and delivery acknowledgement. Low level mechanisms to support these functions are justified only as performance enhancements

of available computers, communicating as appropriate through files, TCP pipes, and shared-memory FIFOs. The vertices provided by the application developer are quite simple and are usually written as sequential programs with no thread creation or locking. Concurrency arises from Dryad scheduling vertices to run

a major routing pathology more than doubled between the end of 1994 and the end of 1995, rising from 1.5 % to 3.4%. For routing stability, we define two separate types of stability, “prevalence, ” meaning the overall likelihood that a particular route is encountered, and “persistence

definitions are given first. They are then commented upon, and supplemented by additional definitions, which address the threats to dependability and security (faults, errors, failures), their attributes, and the means for their achievement (fault prevention, fault tolerance, fault removal, fault forecasting