Abstract: A method for byzantine fault-tolerant replication of data on a plurality of n servers includes performing, by a primary node (PN), a prepare procedure that includes computing a prepare message including a unique identifier and multicasting the prepare message to the REPN. The method further includes performing, by the PN, a commit procedure that includes receiving, from each of a portion of the REPN, a prepare message reply signature part and aggregating each of the prepare message reply signature parts to generate a prepare message reply aggregated signature, checking the validity of the prepare message reply aggregated signature, and upon determining that the prepare message reply aggregated signature is valid, computing a commit message including the prepare message reply aggregated signature and multicasting the commit message to the REPN. The method further includes transmitting, to the client, the commit message reply aggregated signature.

Abstract: A computer system having a system memory and being arranged to permit a target program (90) installed on the system to be modified in a trusted manner. The system comprises a White-list Management Agent, WMA, module (10) for receiving, at a notification receiver (12), a notification that the target program (90) which is loaded into the system memory of the computer system has performed an update operation on the target program resulting in the generation and storage of a modified version of the target program on a storage device associated with the computer system. The WMA module is operable, upon receipt of a target program update notification, to determine if the program (90) as loaded into the system memory is in a trusted state by measuring the program (90) using a program measurer module (14) and comparing this, using a comparator (16), with a pre-stored value contained in a program whitelist (30), the pre-stored value being obtained from the program whitelist (30) using a whitelist reader/writer (18).

Abstract: A method for byzantine fault-tolerant replication of data on a plurality of n servers includes performing, by a primary node (PN), a prepare procedure that includes computing a prepare message including a unique identifier and multicasting the prepare message to the REPN. The method further includes performing, by the PN, a commit procedure that includes receiving, from each of a portion of the REPN, a prepare message reply signature part and aggregating each of the prepare message reply signature parts to generate a prepare message reply aggregated signature, checking the validity of the prepare message reply aggregated signature, and upon determining that the prepare message reply aggregated signature is valid, computing a commit message including the prepare message reply aggregated signature and multicasting the commit message to the REPN. The method further includes transmitting, to the client, the commit message reply aggregated signature.

Abstract: A method for byzantine fault-tolerant replication of data on a plurality of n servers by a client, wherein the n servers include one primary node (PN) and n?1 replica nodes (REPN), wherein f servers may arbitrarily fail, and wherein all n servers include a trusted computing entity (TCE), includes: performing a request procedure, performing a prepare procedure, performing a commit procedure, and performing a reply procedure. The request procedure includes providing a request message for requesting a certain operation, and transmitting the request message to all n servers. The prepare procedure includes computing a prepare message including at least part of the content of the request message and a unique identifier (UI), the UI being computed by the TCE, the UI being based on a cryptographic signature of the request message and a unique, monotonic, sequential counter (UMSC), and providing the prepare message to the REPN.

Abstract: A method for byzantine fault-tolerant replication of data on a plurality of n servers by a client, wherein the n servers include one primary node (PN) and n?1 replica nodes (REPN), wherein f servers may arbitrarily fail, and wherein all n servers include a trusted computing entity (TCE), includes: performing a request procedure, performing a prepare procedure, performing a commit procedure, and performing a reply procedure. The request procedure includes providing a request message for requesting a certain operation, and transmitting the request message to all n servers. The prepare procedure includes computing a prepare message including at least part of the content of the request message and a unique identifier (UI), the UI being computed by the TCE, the UI being based on a cryptographic signature of the request message and a unique, monotonic, sequential counter (UMSC), and providing the prepare message to the REPN.

Abstract: A computer system having a system memory and being arranged to permit a target program (90) installed on the system to be modified in a trusted manner. The system comprises a White-list Management Agent, WMA, module (10) for receiving, at a notification receiver (12), a notification that the target program (90) which is loaded into the system memory of the computer system has performed an update operation on the target program resulting in the generation and storage of a modified version of the target program on a storage device associated with the computer system. The WMA module is operable, upon receipt of a target program update notification, to determine if the program (90) as loaded into the system memory is in a trusted state by measuring the program (90) using a program measurer module (14) and comparing this, using a comparator (16), with a pre-stored value contained in a program whitelist (30), the pre-stored value being obtained from the program whitelist (30) using a whitelist reader/writer (18).