Speaker: Han Kiliccote, Carnegie Mellon University
Date: January 27, 2000
PASIS - A Distributed Framework for Perpetually Available and Secure Information Systems
We are becoming more and more reliant upon the availability, integrity, and privacy of the digitally stored and accessed information. PASIS is a framework for demonstrating perpetually available information systems that guarantee the privacy and survivability of information under malicious attacks or system component failures. PASIS is based on an architecture that breaks all information into "chunks" and distributes these "information chunks" to a random selection of participants by using (p-m-n) threshold schemes. A (p-m-n) general threshold scheme breaks the information into n shares so that every shareholder has one of the shares and any subset of size m of the shareholders can recreate the information but p or less shareholders gain no information about the information. This enables PASIS to not have any single point of failure (i.e., it is not possible to destroy or breach the privacy of the information in PASIS by eliminating or capturing few selected components or information chunks within the system) and thereby achieve a very high degree of security and resiliency against failures and attacks.
Dr. Kiliccote is a research engineer at Institute for Complex Engineered Systems (ICES), CMU. His research interests include secure and reliable distributed systems, computer security, networking, agent-based systems, databases and distributed artificial intelligence. He joined CMU in 1992 as an MS student, finished his PhD dissertation in 1997, stayed as a post-doc and finally joined ICES in 1998.