Malicious- and Accidental-Fault Tolerance for Internet Applications
IST Research Project IST-
1 January 2000 - 28 February 2003

Check out a summary of the project, or browse through the original project proposal.

MAFTIA involved experts from 5 countries and 6 organisations. The Industrial Advisory Board provided valuable feedback on the work of the project.

Research was organised into six workpackages.

Find out more about the key scientific results and achievements, and the benefits of this research collaboration.




Newcastle
Brian Randell and Robert Stroud were the principal researchers at Newcastle.
Publications...



Lisboa
Paulo Veríssimo and Nuno Ferreira Neves led investigations at Lisboa.
Publications...



QinetiQ
QinetiQ's research was led by Colin O'Halloran and Sadie Creese.
Publications...



Saarland
Birgit Pfitzmann (now at IBM Zurich), Michael Steiner (now at IBM Thomas Watson), and André Adelsbach led the research at Saarland.
Publications...



LAAS-CNRS
Research at LAAS was led by David Powell and Yves Deswarte.
Publications...



IBM Zurich
Michael Waidner, Marc Dacier (now at Institut Eurécom), Andreas Wespi and Christian Cachin led the work at IBM Zurich.
Publications...

Dependable Computing and Fault Tolerance, LAAS-CNRS

LAAS was established in 1968. It is a laboratory of the CNRS, the French National Organisation for Academic Scientific Research.

LAAS led the work on the conceptual model, refining the core dependability concepts with respect to malicious faults, and developing an integrated intrusion-detection/tolerance framework, in close collaboration with Newcastle and IBM.

LAAS has also developed the authorisation architecture, with two levels of access control:

  • at a global level, a distributed authorisation server verifies whether each transaction is authorised and, if so, generates the authorisation proofs for all the object method invocations needed to execute the whole transaction; MAFTIA protocols are used to tolerate accidental faults or intrusions affecting some of the sites composing the server;
  • at a local level, a reference monitor verifies that each object invocation is accompanied by the corresponding authorisation proof; the reference monitor is implemented partly in a JavaCard.

This authorisation scheme is much more efficient than the usual "client-server" model because it enables fine-grained access control. It is also much less privacy-intrusive.

People at LAAS

These people worked on MAFTIA. Names in bold are Executive Board members, others are Research Associates.

Noreddine Abghour
Yves Deswarte
Vincent Nicomette
David Powell
Christophe Zanon