Building an Intrusion Tolerant Repository
一种入侵容忍的资料库

On-line ARECA's ability to protect its private key enables it to sign certificates or revoke certificates securely. Yet to be a secure on-line CA, its repository should also be protected. ARECA's repository comprises several replicated servers and is designed into a Dissemination Quorum System, which can mask the benign failure or Byzantine (even malign) failure of the servers. ARECA's repository which consists of n(n>3f) serves,is able to provide a correct service even when at most f servers fail.