%0 Generic %1 tan2017efficient %A Tan, Cheng %A Yu, Lingfan %A Leners, Joshua B. %A Walfish, Michael %D 2017 %K php %T The Efficient Server Audit Problem, Deduplicated Re-execution, and the Web %U http://arxiv.org/abs/1709.08501 %X You put a program on a concurrent server, but you don't trust the server, later, you get a trace of the actual requests that the server received from its clients and the responses that it delivered. You separately get logs from the server, these are untrusted. How can you use the logs to efficiently verify that the responses were derived from running the program on the requests? This is the Efficient Server Audit Problem, and it abstracts real-world scenarios, including running a web application on an untrusted provider. We present a solution based on several new techniques, including SIMD-on-demand replay of requests that share the same control flow, and simulate-and-check, in which the verifier re-executes read operations from logs, and validates the logs opportunistically. We build a system that implements the solution for PHP-based web applications. For several applications, our implemented verifier achieves 5.6--10.9x speedup versus simply re-executing, at the cost of less than 10 percent overhead on the server's execution.

@misc{tan2017efficient, abstract = {You put a program on a concurrent server, but you don't trust the server, later, you get a trace of the actual requests that the server received from its clients and the responses that it delivered. You separately get logs from the server, these are untrusted. How can you use the logs to efficiently verify that the responses were derived from running the program on the requests? This is the Efficient Server Audit Problem, and it abstracts real-world scenarios, including running a web application on an untrusted provider. We present a solution based on several new techniques, including SIMD-on-demand replay of requests that share the same control flow, and simulate-and-check, in which the verifier re-executes read operations from logs, and validates the logs opportunistically. We build a system that implements the solution for PHP-based web applications. For several applications, our implemented verifier achieves 5.6--10.9x speedup versus simply re-executing, at the cost of less than 10 percent overhead on the server's execution.}, added-at = {2017-12-30T11:12:40.000+0100}, author = {Tan, Cheng and Yu, Lingfan and Leners, Joshua B. and Walfish, Michael}, biburl = {https://www.bibsonomy.org/bibtex/29365d41ce58601b3e758431384eade3c/s_bergmann}, description = {The Efficient Server Audit Problem, Deduplicated Re-execution, and the Web}, interhash = {be010c0d397f461b332a5c8ef38d2c82}, intrahash = {9365d41ce58601b3e758431384eade3c}, keywords = {php}, note = {cite arxiv:1709.08501Comment: extended version of a publication at SOSP 2017}, timestamp = {2017-12-30T11:12:40.000+0100}, title = {The Efficient Server Audit Problem, Deduplicated Re-execution, and the Web}, url = {http://arxiv.org/abs/1709.08501}, year = 2017 }