The Efficient Server Audit Problem, Deduplicated Re-execution, and the Web

作者: Cheng Tan , Lingfan Yu , Joshua B. Leners , Michael Walfish

DOI: 10.1145/3132747.3132760

关键词:

摘要: You put a program on concurrent server, but you don't trust the server; later, get trace of actual requests that server received from its clients and responses it delivered. separately logs these are untrusted. How can use to efficiently _verify_ were derived running requests? This is _Efficient Server Audit Problem_, abstracts real-world scenarios, including web application an untrusted provider. We give solution based several new techniques, simultaneous replay efficient verification executions. implement for PHP applications. For applications, our verifier achieves 5.6--10.9x speedup versus simply re-executing, with less than 10 percent overhead server.

参考文章(75)
Rosario Gennaro, Craig Gentry, Bryan Parno, Mariana Raykova, Quadratic Span Programs and Succinct NIZKs without PCPs theory and application of cryptographic techniques. pp. 626- 645 ,(2013) , 10.1007/978-3-642-38348-9_37
Marc Feeley, Carl Dionne, Jocelyn Desbien, A Taxonomy of Distributed Debuggers Based on Execution Replay. parallel and distributed processing techniques and applications. pp. 203- 214 ,(1996)
Bryan Parno, Adrian Perrig, Jonathan M. McCune, Bootstrapping Trust in Modern Computers ,(2011)
Bryan Parno, Adrian Perrig, Michael K. Reiter, Jonathan M. McCune, Hiroshi Isozaki, An Execution Infrastructure for TCB Minimization ,(2007)
Eli Ben-Sasson, Eran Tromer, Alessandro Chiesa, Madars Virza, Succinct non-interactive zero knowledge for a von Neumann architecture usenix security symposium. pp. 781- 796 ,(2014)
Jade Alglave, Luc Maranget, Stability in weak memory models computer aided verification. pp. 50- 66 ,(2011) , 10.1007/978-3-642-22110-1_6
Thomas H. Cormen, Ronald L. Rivest, Charles E. Leiserson, Clifford Stein, Introduction to Algorithms, third edition ,(2009)
Rosario Gennaro, Craig Gentry, Bryan Parno, Non-interactive verifiable computing: outsourcing computation to untrusted workers international cryptology conference. ,vol. 2009, pp. 465- 482 ,(2010) , 10.1007/978-3-642-14623-7_25
Felix Schuster, Manuel Costa, Cedric Fournet, Christos Gkantsidis, Marcus Peinado, Gloria Mainar-Ruiz, Mark Russinovich, VC3: Trustworthy Data Analytics in the Cloud Using SGX ieee symposium on security and privacy. pp. 38- 54 ,(2015) , 10.1109/SP.2015.10
Marcus Peinado, Galen Hunt, Andrew Baumann, Shielding applications from an untrusted cloud with Haven operating systems design and implementation. pp. 267- 283 ,(2014) , 10.5555/2685048.2685070