Proactive Byzantine Quorum Systems

Eduardo A.P. Alchieri 1, Alysson Neves Bessani 2, Fernando Carlos Pereira 1, and Joni da Silva Fraga 1

1 DAS, Federal University of Santa Catarina - Florianópolis - Brasil
2 University of Lisbon, Faculty of Sciences, LaSIGE - Lisbon - Portugal

Abstract. Byzantine Quorum Systems is a replication technique used to ensure availability and consistency of replicated data even in the presence of arbitrary faults. This paper presents a Byzantine Quorum Systems protocol that provides atomic semantics despite the existence of Byzantine clients and servers. Moreover, this protocol is integrated with a protocol for proactive recovery of servers. In that way, the system tolerates any number of failures during its lifetime, as long as no more than f out of n servers fail during a small interval of time between recoveries. All solutions proposed in this paper can be used on asynchronous systems, which require no time assumptions. The proposed quorum system read and write protocols have been implemented and their efficiency is demonstrated through some experiments carried out in the Emulab platform.

1 Introduction

Quorum systems [7] are fundamental tools used to ensure consistency and availability of data stored in replicated servers. Apart from their use in the construction of synchronization protocols (e.g., consensus), quorum-based protocols for register implementation are appealing due to their scalability and possibility of load balancing, since most operations do not need to be executed in all servers, but only in a subset of them (a quorum). The consistency of the stored data is ensured by the intersection between every quorum of the system. Quorum systems can be used to implement registers that provide read and write operations with several possible semantics (safe, regular or atomic) [8].

The concept of quorum systems was initially proposed for environments in which servers could be subject to crash faults [7].
Later, the model was extended to tolerate Byzantine faults [11]. However, the biggest challenge in quorum systems is how to design efficient protocols that tolerate malicious clients. The problem is that clients can execute some malicious actions to hurt system properties, e.g., sending an update only to some servers and not to a complete quorum [10]. This possibility of misbehaviour should not be discarded since quorum systems were developed to be used mainly in open systems such as the Internet, where there is a high probability of at least some clients being malicious.

The first protocols that tolerate Byzantine clients required at least 4f + 1 servers to tolerate f faults (on servers) [11,12]. However, these protocols do not completely constrain the faulty actions of malicious clients. There are some attacks

R. Meersman, T. Dillon, P. Herrero (Eds.): OTM 2009, Part I, LNCS 5870, pp. 708–725, 2009. © Springer-Verlag Berlin Heidelberg 2009
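The introduction's two points, quorum intersection and a client that updates fewer servers than a quorum, can be seen in a small simulation. This is an added example, not code from the paper. It assumes the threshold masking quorum size ceil((n + 2f + 1) / 2) from the Byzantine quorum literature and a simplified read rule (accept the highest-timestamp pair reported by f + 1 servers); all function names and the scenario are constructed for illustration.

```python
# Added illustration, not code from the paper.
from collections import Counter
from itertools import combinations
from math import ceil

def quorum_size(n, f):
    # Assumption: threshold masking quorums, |Q| = ceil((n + 2f + 1) / 2).
    return ceil((n + 2 * f + 1) / 2)

def min_correct_overlap(n, f):
    """Exhaustively find the smallest overlap of any two quorums, minus the
    f servers in that overlap that may be Byzantine."""
    q = quorum_size(n, f)
    quorums = [set(c) for c in combinations(range(n), q)]
    return min(len(a & b) for a in quorums for b in quorums) - f

def write(store, targets, pair):
    # Store the (timestamp, value) pair on every targeted server.
    for s in targets:
        store[s] = pair

def read(store, quorum, f, liars=None):
    """Return the highest (timestamp, value) pair vouched for by f + 1 servers
    of the quorum; `liars` maps a Byzantine server to its forged reply."""
    liars = liars or {}
    replies = Counter(liars.get(s, store[s]) for s in quorum)
    vouched = [pair for pair, c in replies.items() if c >= f + 1]
    return max(vouched) if vouched else None

def demo():
    n, f = 5, 1                                   # n = 4f + 1, constructed scenario
    store = {s: (0, "v0") for s in range(n)}
    write(store, range(quorum_size(n, f)), (1, "v1"))   # complete write to a quorum
    # One Byzantine server forges a newer pair; f + 1 matching replies mask it.
    masked = read(store, {1, 2, 3, 4}, f, liars={1: (9, "forged")})
    write(store, [0, 1], (2, "v2"))               # faulty client: 2 servers, not 4
    first = read(store, {0, 1, 2, 3}, f)          # sees v2
    second = read(store, {1, 2, 3, 4}, f)         # a later read falls back to v1
    return masked, first, second

if __name__ == "__main__":
    print(min_correct_overlap(5, 1), demo())
```

The later read returning an older value than the earlier one is the kind of inconsistency that a protocol with atomic semantics must rule out when clients can be Byzantine.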