However, once a portion of the code has moved to the client, a malicious user can subvert the client side of the computation, jeopardizing the integrity of the server-side state. In this project we propose Ripley, a system that uses replicated execution to automatically preserve the integrity of a distributed computation. Ripley replicates a copy of the client-side computation on the trusted server tier. Every client-side event is transferred to the replica of the client for execution. Ripley observes results of the computation, both as computed on the client-side and on the server side using the replica of the client-side code. Any discrepancy is flagged as a potential violation of computational integrity.
Ben Livshits is a researcher at Microsoft Research in Redmond, WA. He received a B.A. from Cornell University in 1999, and his M.S. and Ph.D. from Stanford University in 2002 and 2006, respectively. Dr. Livshits's research interests include application of sophisticated static and dynamic analysis techniques to finding errors in programs.
He is known for his work on software reliability and especially tools to improve software security, with a primary focus on approaches to finding buffer overruns in C programs and a variety of security vulnerabilities (cross-site scripting, SQL injections, etc.) in Web-based applications. Lately he has been focused on how Web 2.0 application reliability, performance, and security can be improved through a combination of static and runtime techniques.