Today’s networks are often characterized by a free aggregation of independent nodes. Thus, the possibility increases that a sel.sh party operates a node, which may violate the collabor- ative protocol in order to increase a personal bene.t. If such violations di.er from the system goals they can even be considered as attack. Current fault-tolerance techniques may weaken the harmful impact to some degree but they cannot always prevent them. Furthermore, the several architectures di.er in their fault-tolerance capabilities. This emphasizes the need for approaches able to achieve collaboration from sel.sh nodes in distributed systems.
In this PhD thesis, we consider the problem of attaining a targeted level of collaboration in a distributed architecture deployed over rational sel.sh nodes. They have interest in deviating from the collaborative protocol to increase a personal bene.t. In order to cover a broad spec- trum of systems, we do not modify the collaborative protocol itself. Instead, we propose to add a monitoring logic to inspect the correctness of a node’s behaviour. The designer of the mon- itoring system is faced with a complex and dynamic situation. He needs to consider aspects such as the speci.c circumstances (e.g. message tra.c), the inspection e.ort or the node’s in- dividual preferences. Furthermore, he should consider that each agent could be aware of the other agents’ preferences as well as sel.shness and perform strategic choices consequently. This complex and interdependent setup corresponds to a class of Game Theory (GT) known as Inspection Games (IG). They model the general situation where an inspector veri.es through inspections the correct behaviour of another party, called inspectee. However, inspections are costly and the inspector’s resources are limited. Hence, a complete surveillance is not possible and an inspector will try to minimize the inspections.
In this thesis, the initial IG model is enriched by the possibility that a violation is not de- tected during an inspection (false negatives). Applied to distributed systems, the IG is used to model the network participants’ strategy choice. As outcome, it enables to calculate sys- tem parameters to attain the desired collaboration value. The approach is designed as generic framework. It can be therefore applied to any architecture considering any sel.sh goal and any reliability technique. For the sake of concreteness, we will discuss the IG approach by means of the illustrative case of a Publish/Subscribe architecture.
The IG framework of this thesis secures the whole collaborative protocol by a monitoring approach. This represents a new way in terms of reliability mechanisms. The applicability is furthermore supported by the software library RCourse. Simplifying robustness evaluations of distributed systems, it is suitable for model veri.cation and parameter calibration.