Auditing Outsourced Services

Duke Computer Science Colloquium
Speaker Name
Cheng Tan
Date and Time
-
Location
LSRC D106
Notes
Lunch served at 11:45 am.
Abstract

How can users of a cloud service verify that the service truly performs as promised? This question is vital today because clouds are complicated black boxes, running in different administrative domains from users. Their correctness can be undermined by internal corruptions---misconfigurations, operational mistakes, insider attacks, unexpected failures, or adversarial control at any layer of the execution stack.

This talk will present verifiable infrastructure, a framework that lets users audit outsourced applications and services. I will introduce two systems: Orochi and Cobra, which verify the execution of, respectively, untrusted servers and black-box databases. Orochi and Cobra introduce various techniques, including deduplicated re-execution, consistent ordering verification, GPU accelerated pruning, and others. Beyond these two systems, I will also discuss verifiable infrastructure more generally.

Short Biography

Cheng Tan is a computer science Ph.D. candidate in the Courant Institute at New York University. His interests are in operating systems, networked systems, and security. His work on the Efficient Server Audit Problem was awarded best paper at SOSP 2017. His work on data center network troubleshooting at Microsoft Research has been deployed globally in more than 30 data centers in Microsoft Azure.

Host
Jeff Chase