TY - GEN
T1 - The Efficient Server Audit Problem, Deduplicated Re-execution, and the Web
AU - Tan, Cheng
AU - Yu, Lingfan
AU - Leners, Joshua B.
AU - Walfish, Michael
N1 - Publisher Copyright:
2017 Copyright held by the owner/author(s). Publication rights licensed to Association for Computing Machinery.
PY - 2017/10/14
Y1 - 2017/10/14
N2 - You put a program on a concurrent server, but you don’t trust the server; later, you get a trace of the actual requests that the server received from its clients and the responses that it delivered. You separately get logs from the server; these are untrusted. How can you use the logs to efficiently verify that the responses were derived from running the program on the requests? This is the Efficient Server Audit Problem, which abstracts real-world scenarios, including running a web application on an untrusted provider. We give a solution based on several new techniques, including simultaneous replay and efficient verification of concurrent executions. We implement the solution for PHP web applications. For several applications, our verifier achieves 5.6–10.9× speedup versus simply re-executing, with <10% overhead for the server.
AB - You put a program on a concurrent server, but you don’t trust the server; later, you get a trace of the actual requests that the server received from its clients and the responses that it delivered. You separately get logs from the server; these are untrusted. How can you use the logs to efficiently verify that the responses were derived from running the program on the requests? This is the Efficient Server Audit Problem, which abstracts real-world scenarios, including running a web application on an untrusted provider. We give a solution based on several new techniques, including simultaneous replay and efficient verification of concurrent executions. We implement the solution for PHP web applications. For several applications, our verifier achieves 5.6–10.9× speedup versus simply re-executing, with <10% overhead for the server.
UR - http://www.scopus.com/inward/record.url?scp=85041645850&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85041645850&partnerID=8YFLogxK
U2 - 10.1145/3132747.3132760
DO - 10.1145/3132747.3132760
M3 - Conference contribution
AN - SCOPUS:85041645850
T3 - SOSP 2017 - Proceedings of the 26th ACM Symposium on Operating Systems Principles
SP - 546
EP - 564
BT - SOSP 2017 - Proceedings of the 26th ACM Symposium on Operating Systems Principles
PB - Association for Computing Machinery, Inc
T2 - 26th ACM Symposium on Operating Systems Principles, SOSP 2017
Y2 - 28 October 2017 through 31 October 2017
ER -