However, once a portion of the code is moved to the client, a malicious user can easily subvert the client side of the computation and potentially jeopardize sensitive server state, as shown below. The client can easily tamped with the data and manipulate the code residing on the client.
We propose Ripley, a system that uses replicated execution to automatically preserve the integrity of a distributed computation. Ripley replicates a copy of the client-side computation on the trusted server tier. Every client-side event is transferred to the replica of the client for execution.
Ripley observes results of the computation, both as computed on the client-side and on the server side using the replica of the client-side code. Any discrepancy is flagged as a potential violation of computational integrity. We demonstrate that Ripley is able to reliably secure five complex and representative AJAX applications with minimal performance overhead. An architectural diagram of Ripley is shown in the figure below.
Ripley is built on top of Live Labs Volta, a distributing compiler for building AJAX applications.
- K.Vikram, Abhishek Prateek, and Ben Livshits, Ripley: Automatically Securing Web 2.0 Applications Through Replicated Execution, in Proceedings of the Conference on Computer and Communications Security, Association for Computing Machinery, Inc., 10 November 2009.
- K.Vikram, Abhishek Prateek, and Ben Livshits, Ripley: Automatically Securing Distributed Web Applications Through Replicated Execution, no. MSR-TR-2008-178, 18 November 2008.
- K. Vikram (Cornell), 2008
- Abhishek Prateek (IIT Dehli), 2008