SecureSMART: A Security Architecture for BFT Replication Libraries
This addresses security gaps for BFT systems in real-world applications, but it is incremental as it builds on existing BFT performance improvements.
The paper tackles the lack of a comprehensive security architecture for Byzantine fault tolerance (BFT) replication libraries, proposing SecureSMART to provide dynamic key distribution, integrity, confidentiality, availability, and access control mechanisms.
Several research projects have shown that Byzantine fault tolerance (BFT) is practical today in terms of performance. Deficiencies in other aspects might still be an obstacle to a more wide-spread deployment in real-world applications. One of these aspects is an over-all security architecture beyond the low-level protocol. This paper proposes the security architecture SecureSMART, which provides dynamic key distribution, internal and external integrity and confidentiality measures, as well as mechanisms for availability and access control. For this purpose, it implements security mechanism among clients, nodes and an external trust center.