[erlang-questions] Securely running code on an untrusted client

Bengt Kleberg <>
Tue Jan 8 08:27:19 CET 2008


travis,

if you want to let an untrusted client compute something for you it 
sounds like  this is what they say about the problem:
''We send out each work unit multiple times in order to make sure that 
the data is processed correctly''

ie you have several untrusted clients (that do not collaborate) that get 
the same data and then you check their answers.


this will not protect you from the client copying your data.


bengt
Those were the days...
    EPO guidelines 1978: "If the contribution to the known art resides
    solely in a computer program then the subject matter is not
    patentable in whatever manner it may be presented in the claims."


On 01/07/08 20:22, Travis Jensen wrote:
> Thanks for the reply, Ulf.  This seems like the inverse of what I want, 
> if I'm understanding it correctly.  This allows the client to run 
> untrusted code on the server, right?  What I want is to have the server 
> run trusted code on the client and be able to trust the result.
> 
> So, let me break it down a little more...
> 
> - Client connects to server.
> - Server sends code to client
> - Client runs process
> - Clients sends result to server
> - Server trusts client result
> 
> In the middle of this is the fact that I don't really trust the client, 
> so I would have to know that the result I get from the client is 
> actually the result of running the process I sent to the client and not 
> the result of some hack.  In general, there are two hack concerns: 
> hacking the running process to process differently and hacking the 
> resulting data stream to give a fake result.
> 
> I realize that this may be wishful thinking, but a month ago, having a 
> system that would scale significantly without introducing unbelievable 
> complexity into my code was also wishful thinking; then I found Erlang. :) 
> 
> tj
> 
> On Jan 7, 2008 12:01 AM, Ulf Wiger (TN/EAB) < 
> <mailto:>> wrote:
> 
>     Travis Jensen skrev:
>      > I've been looking around online and haven't seen anything to
>     contradict
>      > what I assume to be the case, but I'm unfamiliar enough with
>     Erlang that
>      > I figure I should ask.
>      >
>      > Assuming I have a server on one system and a client on another system
>      > that exists out somewhere else in the broad, scary internet.  The
>     server
>      > is trusted, the client is not.  The network connection between
>     the two
>      > is not trusted.
>      >
>      > Is there any way to run trusted code on the client?
> 
>     As far as I know, the closest you will get right now with
>     Erlang is ErlHive.
> 
>       http://erlhive.sourceforge.net/
> 
>     ErlHive is sort of presented as a web application development
>     framework, but is really mainly a multi-user back-end with
>     safe code execution. It happens to have a front-end application
>     which hooks into Yaws, and enables user authentication via
>     HTTP.
> 
>     ErlHive is able to compile modules from source, or interpret
>     erlang expressions. It forbids operations that are not known
>     to be safe, but also offers safe alternatives to many
>     operations that normally wouldn't be: a virtual file system,
>     process spawning, send & receive, ets tables, etc. All code
>     runs inside mnesia transactions.
> 
>     BR,
>     Ulf W
> 
> 
> 
> 
> -- 
> Travis Jensen
>  <mailto:>
> http://cmssphere.blogspot.com/
> Software Maven * Philosopher-in-Training * Avenged Nerd
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> erlang-questions mailing list
> 
> http://www.erlang.org/mailman/listinfo/erlang-questions



More information about the erlang-questions mailing list