ti e e ffi cient server audit problem deduplicated re
play

Ti e E ffi cient Server Audit Problem, Deduplicated Re-execution, - PowerPoint PPT Presentation

Nov 24, 2022 •147 likes •805 views

Ti e E ffi cient Server Audit Problem, Deduplicated Re-execution, and the Web Cheng Tan, Lingfan Yu, Joshua B. Leners*, and Michael Wal fj sh NYU Department of Computer Science, Courant Institute *Two Sigma Investments company Amazon Web

  1. Ti e E ffi cient Server Audit Problem, Deduplicated Re-execution, and the Web Cheng Tan, Lingfan Yu, Joshua B. Leners*, and Michael Wal fj sh NYU Department of Computer Science, Courant Institute *Two Sigma Investments

  2. company Amazon Web Services wiki PHP Alice employee employee

  3. company Amazon Web Services Alice wiki PHP database request PHP runtime employee response web server employee OS hypervisor hardware

  4. company Amazon Web Services Alice wiki PHP database request PHP runtime employee response web server employee OS hypervisor hardware • Alice has con fj dence in the wiki's PHP code

  5. company Amazon Web Services Alice wiki PHP database request PHP runtime employee response web server employee OS hypervisor hardware • Alice has con fj dence in the wiki's PHP code • Still, lots of things can go wrong ...

  6. company Amazon Web Services Alice kiwi PHP wiki PHP database request PHP runtime employee response web server employee OS hypervisor hardware • Alice has con fj dence in the wiki's PHP code • Still, lots of things can go wrong ...

  7. company Amazon Web Services Alice wiki PHP database request PHP runtime PCP runtime employee response web server employee OS hypervisor hardware • Alice has con fj dence in the wiki's PHP code • Still, lots of things can go wrong ...

  8. company Amazon Web Services Alice wiki PHP database request PHP runtime employee response web server employee OS OS OS hypervisor hypervisor hardware • Alice has con fj dence in the wiki's PHP code • Still, lots of things can go wrong ...

  9. company Amazon Web Services Alice wiki PHP database request PHP runtime employee response web server web server employee OS hypervisor hardware • Alice has con fj dence in the wiki's PHP code • Still, lots of things can go wrong ...

  10. company Amazon Web Services Alice kiwi PHP wiki PHP database request PHP runtime PCP runtime employee response web server web server employee OS OS OS hypervisor hypervisor hardware • Alice has con fj dence in the wiki's PHP code • Still, lots of things can go wrong ...

  11. company Amazon Web Services Alice kiwi PHP wiki PHP database request PHP runtime PCP runtime employee response web server web server employee OS OS OS hypervisor hypervisor hardware • Alice has con fj dence in the wiki's PHP code • Still, lots of things can go wrong ...

  12. company Amazon Web Services Alice kiwi PHP wiki PHP database request PHP runtime PCP runtime employee response web server web server employee OS OS OS hypervisor hypervisor hardware • Alice has con fj dence in the wiki's PHP code • Still, lots of things can go wrong ... • Ti us, Alice wants to audit the delivered responses – Are they derived from executing the actual application?

  13. Ti e E ffi cient Server Audit Problem server program

  14. Ti e E ffi cient Server Audit Problem online phase server requests program clients responses

  15. Ti e E ffi cient Server Audit Problem online phase server requests program clients responses 1. server is untrusted; can respond arbitrarily 2. server is concurrent

  16. Ti e E ffi cient Server Audit Problem online phase trace server collector requests program clients responses trace 1. server is untrusted; can respond arbitrarily 2. server is concurrent

  17. company Amazon Web Services wiki PHP Alice kiwi PHP wiki PHP database request PHP runtime PCP runtime employee response web server web server employee OS OS OS trace hypervisor hypervisor collector hardware

  18. Ti e E ffi cient Server Audit Problem online phase audit phase trace server collector verifier requests program clients responses trace 1. server is untrusted; can respond arbitrarily 2. server is concurrent

  19. Ti e E ffi cient Server Audit Problem online phase audit phase trace server collector verifier requests program requests program + clients ? responses = responses trace 1. server is untrusted; can respond arbitrarily 2. server is concurrent

  20. Ti e E ffi cient Server Audit Problem online phase audit phase trace server collector verifier requests program requests program + clients ? responses = responses trace 1. server is untrusted; can respond arbitrarily 2. server is concurrent 3. veri fj er is weaker than server 4. server overhead is low; legacy applications supported

  21. 1. server is untrusted… 2. server is concurrent Ti e E ffi cient Server Audit Problem 3. veri fj er is weaker than server 4. server overhead is low... online phase audit phase trace server collector verifier requests program requests program + clients ? responses = responses trace

  22. 1. server is untrusted… 1. server is untrusted… 2. server is concurrent 2. server is concurrent Ti e E ffi cient Server Audit Problem 3. veri fj er is weaker than server 3. veri fj er is weaker than server 4. server overhead is low... 4. server overhead is low... online phase audit phase trace server collector verifier requests program requests program + clients ? responses = responses trace • Combination of these four is a new problem. • Execution integrity is complementary to program veri fj cation.

  23. 1. server is untrusted… 2. server is concurrent What about naive re-execution? 3. veri fj er is weaker than server 4. server overhead is low... online phase audit phase trace server verifier collector requests program clients responses trace

  24. 1. server is untrusted… 2. server is concurrent What about naive re-execution? 3. veri fj er is weaker than server 4. server overhead is low... online phase audit phase trace server verifier collector requests program clients responses delivered responses trace ? = produced responses

  25. ✔ 1. server is untrusted… ✔ 2. server is concurrent What about naive re-execution? ❌ 3. v 3. veri eri fj fj er is weaker than server er is weaker than server ✔ 4. server overhead is low... online phase audit phase trace server verifier collector requests program clients responses delivered responses trace ? = produced responses • Ti is does not save the veri fj er work.

  26. ✔ ❓ 1. server is untrusted… 1. server is untrusted… 1. server is untrusted… ✔ ❓ 2. server is concurrent 2. server is concurrent 2. server is concurrent What about naive re-execution? ✔ ❌ 3. veri fj er is weaker than server 3. veri 3. veri fj er is weaker than server 3. v eri fj fj er is weaker than server er is weaker than server ❓ ✔ 4. server overhead is low... 4. server overhead is low... 4. server overhead is low... online phase audit phase trace server verifier collector requests program clients responses delivered responses trace ? = produced responses • Ti is does not save the veri fj er work. • Instead, we will accelerate re-execution.

  27. Rest of the talk 1. How does the veri fj er accelerate re-execution? (these two are in tension) 2. Why are shared objects (such as DBs) challenging? 3. Does our implementation for PHP perform well?

  28. Rest of the talk 1. How does the veri fj er accelerate re-execution? 1. How does the veri fj er accelerate re-execution? 2. Why are shared objects (such as DBs) challenging? 3. Does our implementation for PHP perform well?

  29. Accelerating re-execution: a 30,000-foot view server (online) verifier (offline) advice • Deduplicate computation across requests

  30. Poirot’s observation: repeated computation T. Kim, R. Chandra, and N. Zeldovich. Efficient patch-based audi>ng for web applica>ons. OSDI , 2012

  31. Poirot’s observation: repeated computation T. Kim, R. Chandra, and N. Zeldovich. Efficient patch-based audi>ng for web applica>ons. OSDI , 2012

  32. Poirot’s observation: repeated computation req i “My paper” req j “Another paper” T. Kim, R. Chandra, and N. Zeldovich. Efficient patch-based audi>ng for web applica>ons. OSDI , 2012

  33. Poirot’s observation: repeated computation req i “My paper” requires trusting the requires trusting the req j advice advice “Another paper” T. Kim, R. Chandra, and N. Zeldovich. Efficient patch-based audi>ng for web applica>ons. OSDI , 2012

  34. We accelerate re-execution without trusting the server server (online) verifier (offline) C : tag → {set of reqs} for each tag: – execute C (tag) with SIMD-on-demand – conduct unanimity checks

  35. We accelerate re-execution without trusting the server server (online) verifier (offline) C : tag → {set of reqs} for each tag: – execute C (tag) with SIMD-on-demand – conduct unanimity checks SIMD-on-demand re-executes identical instructions once. server verifier req i req i +req j req j

  36. SIMD-on-demand eliminates redundant computation main(a,b): req i: a=1;b=2 c ← a * b req j: a=2;b=1 c ← c + 1

  37. SIMD-on-demand eliminates redundant computation main(a,b): req i: a=1;b=2 c ← a * b req j: a=2;b=1 c ← c + 1 a=[1,2] * b=[2,1] c=[2,2] req i +req j +1 * • Multi-value represents di ff erent values of the same variable.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 Handling Return Traffic Handling Return Traffic URL Switching URL Switching Idea: switch

1 Handling Return Traffic Handling Return Traffic URL Switching URL Switching Idea: switch

The Server Selection Problem The Server Selection Problem server array A server farm B Which server? Server Traffic Management Server Traffic Management not-so-great solutions static client binding manual selection HTTP forwarding Jeff

810 views • 3 slides
Server Traffic Management Server Traffic Management Jeff Chase Duke University, Department of

Server Traffic Management Server Traffic Management Jeff Chase Duke University, Department of

Server Traffic Management Server Traffic Management Jeff Chase Duke University, Department of Computer Science CPS 212: Distributed Information Systems The Server Selection Problem The Server Selection Problem server array A server farm B

430 views • 14 slides
CS 10: Problem solving via Object Oriented Programming Client/Server Agenda 1. Sockets 2.

CS 10: Problem solving via Object Oriented Programming Client/Server Agenda 1. Sockets 2.

CS 10: Problem solving via Object Oriented Programming Client/Server Agenda 1. Sockets 2. Server 3. Multithreaded server 4. Chat server 2 Sockets are a way for computers to communicate Client 1 makes connection over socket IP:

503 views • 35 slides
A Walk Around the SQL Server 2012 Audit Feature Timothy P. McAliley Microsoft Premier Field

A Walk Around the SQL Server 2012 Audit Feature Timothy P. McAliley Microsoft Premier Field

A Walk Around the SQL Server 2012 Audit Feature Timothy P. McAliley Microsoft Premier Field Engineer | SQL Server www.NetComLearning.com Speaker Introduction: Timothy P. McAliley 14+ years in IT Currently work for Microsoft Premier

937 views • 54 slides
GTUG Why using Deduplicated-storage Fernand Lussier VP Research and Development Nonstop File

GTUG Why using Deduplicated-storage Fernand Lussier VP Research and Development Nonstop File

GTUG Why using Deduplicated-storage Fernand Lussier VP Research and Development Nonstop File type Hypothesis of simulation 1. Dynamic file : 1 or 2 % of dynamic file change every day. And represented 50% of the data. Ex Cardholder master

599 views • 15 slides
HOMELESSNESS: AN OLD PROBLEM WITH NEW FACES? Matthew Wilkins, lead author UK National Audit

HOMELESSNESS: AN OLD PROBLEM WITH NEW FACES? Matthew Wilkins, lead author UK National Audit

HOMELESSNESS: AN OLD PROBLEM WITH NEW FACES? Matthew Wilkins, lead author UK National Audit Office of Homelessness, September 2017 Ab About t the UK Na K Nation onal al Au Audit t Offic fice e (NAO AO) The National Audit

398 views • 13 slides
Immutability, or Putting the Dream Machine to Work The trie memory scheme is ine ffi cient for

Immutability, or Putting the Dream Machine to Work The trie memory scheme is ine ffi cient for

Immutability, or Putting the Dream Machine to Work The trie memory scheme is ine ffi cient for small memories, but it be- comes increasingly e ffi cient in using available storage space as memory size increases. The attractive features of the

867 views • 62 slides
Immutability, or Putting the Dream Machine to Work The trie memory scheme is ine ffi cient for

Immutability, or Putting the Dream Machine to Work The trie memory scheme is ine ffi cient for

Immutability, or Putting the Dream Machine to Work The trie memory scheme is ine ffi cient for small memories, but it be- comes increasingly e ffi cient in using available storage space as memory size increases. The attractive features of the

940 views • 60 slides
Deduplicated Storage Danny Harnik, Moshik Hershcovitch, Yosef Shatsky, Amir Epstein, Ronen Kat

Deduplicated Storage Danny Harnik, Moshik Hershcovitch, Yosef Shatsky, Amir Epstein, Ronen Kat

IBM Research - Haifa Sketching Volume Capacities in Deduplicated Storage Danny Harnik, Moshik Hershcovitch, Yosef Shatsky, Amir Epstein, Ronen Kat Previous Works on Estimating Data Reduction Plenty of previous works on data reduction

352 views • 17 slides
Evolution of the Web 1 Client Server 2 2 / 22 1 Client Server 2 2 / 22 1 Client Server

Evolution of the Web 1 Client Server 2 2 / 22 1 Client Server 2 2 / 22 1 Client Server

E LIOM Tierless Web programming from the ground up Gabriel R ADANNE Jrme V OUILLON Vincent B ALAT Vasilis P APAVASILEIOU Evolution of the Web 1 Client Server 2 2 / 22 1 Client Server 2 2 / 22 1 Client Server DOM 2 2 / 22 1

778 views • 42 slides
Lecture 3. Su ffi ciency Lecture 3. Su ffi ciency 1 (114) 3. Su ffi ciency 3.1. Su ffi cient

Lecture 3. Su ffi ciency Lecture 3. Su ffi ciency 1 (114) 3. Su ffi ciency 3.1. Su ffi cient

0. Lecture 3. Su ffi ciency Lecture 3. Su ffi ciency 1 (114) 3. Su ffi ciency 3.1. Su ffi cient statistics Su ffi cient statistics The concept of su ffi ciency addresses the question Is there a statistic T ( X ) that in some sense contains

303 views • 14 slides
Server Server Server Server Server Datacenter Network (e.g., Ethernet, InfiniBand,

Server Server Server Server Server Datacenter Network (e.g., Ethernet, InfiniBand,

Chanwoo Chung , Jinhyung Koo, Junsu Im, Arvind , and Sungjin Lee DGIST and MIT NVRAMOS 19 2019.10.24 DATA -INTENSIVE COMPUTING SYSTEMS LAB ORATORY Computation Application Application Application Application Application

597 views • 48 slides
The Network Operation Centre of a RREN: The Network Operation Centre of a RREN: Anella Cient

The Network Operation Centre of a RREN: The Network Operation Centre of a RREN: Anella Cient

The Network Operation Centre of a RREN: The Network Operation Centre of a RREN: Anella Cient Anella Cient fica fica Maria Isabel Ganda Carriedo Communications Area, Systems & Networks Department, CESCA TF-NOC Preparation Meeting

731 views • 48 slides
Farmersville, Texas Audit Presentation September 30, 2017 Presented By: Louis Breedlove, Audit

Farmersville, Texas Audit Presentation September 30, 2017 Presented By: Louis Breedlove, Audit

Farmersville, Texas Audit Presentation September 30, 2017 Presented By: Louis Breedlove, Audit Manager June 26, 2018 1 OVERVIEW OF THE AUDIT PROCESS Audit Planning and Risk Assessment Audit Standards The audit was performed in

425 views • 13 slides
Section 3 Risk ASJ Stages of an Audit Audit Approaches ASJ In this approach, audit

Section 3 Risk ASJ Stages of an Audit Audit Approaches ASJ In this approach, audit

ASJ Section 3 Risk ASJ Stages of an Audit Audit Approaches ASJ In this approach, audit resources are targeted on testing large volumes of transactions and account balances without any particular focus on specified Substantive areas of

271 views • 16 slides
Parquet in Practice & Detail What is Parquet? How is it so e ffi cient? Why should I actually

Parquet in Practice & Detail What is Parquet? How is it so e ffi cient? Why should I actually

Parquet in Practice & Detail What is Parquet? How is it so e ffi cient? Why should I actually use it? About me Data Scientist at Blue Yonder (@BlueYonderTech) Committer to Apache {Arrow, Parquet} Work in Python, Cython, C++11 and

512 views • 22 slides
Variational Inference and Generative Models CS 294-112: Deep Reinforcement Learning Sergey

Variational Inference and Generative Models CS 294-112: Deep Reinforcement Learning Sergey

Variational Inference and Generative Models CS 294-112: Deep Reinforcement Learning Sergey Levine Class Notes 1. Homework 3 due next Wednesday 2. Accept CMT peer review invitations These are required (part of your final project grade)

652 views • 34 slides
Cold planar horizons are floppy Jorge E. Santos New frontiers in dynamical gravity In

Cold planar horizons are floppy Jorge E. Santos New frontiers in dynamical gravity In

Cold planar horizons are floppy Cold planar horizons are floppy Jorge E. Santos New frontiers in dynamical gravity In collaboration with Sean A. Hartnoll - arXiv:1402.0872 and arXiv:1403.4612 1 / 15 Cold planar horizons are floppy Motivation

1.05k views • 76 slides
Regional Health Improvement Plan Council March 17, 2020 1 Meeting Objectives SWACH updates

Regional Health Improvement Plan Council March 17, 2020 1 Meeting Objectives SWACH updates

Regional Health Improvement Plan Council March 17, 2020 1 Meeting Objectives SWACH updates Learn about clinical transformation work and P4P measures and advise for improvement Review Meeting Minutes and Action Items Vote on

399 views • 28 slides
CAPITALAND MALL TRUST Singapores First & Largest Retail REIT First Quarter 2019 Financial

CAPITALAND MALL TRUST Singapores First & Largest Retail REIT First Quarter 2019 Financial

CAPITALAND MALL TRUST Singapores First & Largest Retail REIT First Quarter 2019 Financial Results 24 April 2019 Disclaimer This presentation may contain forward-looking statements that involve assumptions, risks and uncertainties. Actual

1.07k views • 30 slides
An 8-core, 64-thread, 64-bit, power efficient SPARC SoC (Niagara2) Umesh Nawathe, Jim Ballard,

An 8-core, 64-thread, 64-bit, power efficient SPARC SoC (Niagara2) Umesh Nawathe, Jim Ballard,

An 8-core, 64-thread, 64-bit, power efficient SPARC SoC (Niagara2) Umesh Nawathe, Jim Ballard, Mahmudul Hassan, Tim Johnson, Rob Mains, Paresh Patel, Alan Smith Sun Microsystems Inc., Sunnyvale, CA 1 Outline Key Features and Architecture

522 views • 37 slides
KEY PARTNERS PARTNERS OCRT SCHOLARSHIP FUND FRIENDS THANK YOU TO ALL OUR 2018 OCRT SPONSORS

KEY PARTNERS PARTNERS OCRT SCHOLARSHIP FUND FRIENDS THANK YOU TO ALL OUR 2018 OCRT SPONSORS

KEY PARTNERS PARTNERS OCRT SCHOLARSHIP FUND FRIENDS THANK YOU TO ALL OUR 2018 OCRT SPONSORS #TextileExchange18 LATIN AMERICA Silvio Moraes Regional Ambassador, Textile Exchange #TextileExchange18 Zachary Angelini Manager of Environmental

417 views • 13 slides
Nernst Branes from special geometry David Errington March 5, 2015 arXiv:hep-th/1501 . 07863 Paul

Nernst Branes from special geometry David Errington March 5, 2015 arXiv:hep-th/1501 . 07863 Paul

Nernst Branes from special geometry David Errington March 5, 2015 arXiv:hep-th/1501 . 07863 Paul Dempster, DE, Thomas Mohaupt Outline Holographic Motivation Real formulation of special geometry Constructing Nernst branes Interpretation

719 views • 44 slides
FPGAs! Basic Concepts Building Blocks There are (3) fundamental building blocks found in

FPGAs! Basic Concepts Building Blocks There are (3) fundamental building blocks found in

FPGAs! Basic Concepts Building Blocks There are (3) fundamental building blocks found in digital devices interconnect gates flip flops Gates Flip-Flops D Q > Interconnect (or routing) D Q > D Q > D Q

1.19k views • 55 slides

More recommend