View Full Document

29 views

Unformatted text preview:

Project Description We propose to develop the theoretical and engineering basis for the trustless dissemination of software We seek to develop the means to distribute and execute software among literally thousands of networked computers without compromising their integrity while minimizing the need for trust among participants and maximizing the usage of their collective computational resources To make this possible we propose to undertake a comprehensive investigation into the use of certifying compilers to produce efficient machine code that is equipped with a checkable certificate of compliance with the security integrity and privacy requirements necessary for its safe execution on unknown computers We propose not only to develop the enabling technology but also to build a demonstration system that allows developers to deploy rapidly and reliably applications that make use of the idle computing and storage resources of a network of computers perhaps spanning the entire Internet The general concept of making productive use of idle computational resources has been around for decades With the advent of the Internet the sum total of all idle resources is thought to be many times greater than the fastest supercomputers Therefore the prospect of harnessing this power has attracted an increasing number of researchers and in recent years some substantial progress has been made Many of the early successful applications have been devoted to solving basic problems in number theory and cryptography such as computing the digits of Pi 3 44 computing the factors of large numbers 53 and finding large primes 15 In just the last three years however the range of problems being attacked has been expanding rapidly to include global climate modeling 1 protein folding 42 AIDS drug research 25 the search for extraterrestrial life 57 video animation 21 cancer research 43 and more Participation by computer users has also been increasing For example in 1997 the Search for Extraterrestrial Life project created SETI Home in the hopes that thousands of computer owners might volunteer their excess CPU cycles The response has been extremely enthusiastic in May of 2000 the SETI Home project reported that over two million users were actively running their software This success has sparked a large number of related developments leading most recently to the formation of the Global Grid Forum 16 which is a consortium of researchers and developers intended to foster the development of a world wide distributed computing fabric Indeed interest in this mode of computing has reached the point where several commercial enterprises have launched with business models predicated on the ability to harness the Internet s idle computing cycles 11 12 13 43 This all seems to happen at an opportune time as developer demand for large scale computing resources is growing exemplified not only by SETI Home but also by such projects as the National Virtual Observatory 32 which plans to build a massive database of astronomical information and requires large scale parallel computation to achieve its goals While some researchers and commercial enterprises have successfully used the Internet as a massive computer significant technical hurdles prevent the full benefits of Internet scale distributed computing to be realized One set of fundamental problems lies in the nature of distributed computing itself because it is often extremely difficult or even impossible to divide a large computation into many small pieces in a way that avoids large communication overheads Interprocess communication is particularly problematic in Internet scale computing since many of the volunteering hosts might have slow or occasional links to the Internet for example some hosts might connect once a day by modem and any application that depends on rapid and reliable communication between hosts is therefore not likely to work well We do not propose to develop new algorithmic techniques for building distributed applications but rather to investigate the means by which a distributed computing fabric might be provided 1 Specifically we propose to investigate the problem of how the components of a distributed application may be disseminated to as many hosts as possible and with the greatest exploitation of their resources In our view a fundamental technical obstacle to achieving this goal is how to establish an appropriate trust relationship between an application developer and the owners of the host computers This trust relationship is crucial for several reasons Firstly host owners need to know before any software is installed that their safety and security requirements will be respected by any applications that are to be hosted on their computers Secondly host owners furthermore require a measure of protection against invasion of privacy so that any uses of personal information can be carefully controlled Finally developers must be able to modify and upgrade their applications freely and as a practical matter it is important that installing upgrades causes minimal risk and inconvenience for the host owners 1 See the SETI Home web page 54 for a glimpse into the inconveniences of performing upgrades Establishing these trust relationships is especially important for exploiting computing resources on the network Since users derive little or no direct benefit from the application software installed on their computers they may be expected to be especially sensitive to the reliability security and maintainability of the software Standing in the way of the establishment of the necessary trust relationships is the fact that the Internet environment simply provides no justification for such trust Malicious application developers abound and even benign developers are still often unable to produce safe reliable software When an application is run for the host s benefit as is ordinarily the case the host s owner is typically willing to assume the risks of unreliable software But if it is to be run for the benefit of others the host owners should and will demand strong privacy and security guarantees In other words for the purposes of exploiting its idle computational power the Internet is essentially a trustless environment The fundamental problem then is how to generate the necessary trust in a trustless environment Today trust is a matter of faith Furthermore in many cases host owners are forced to reexamine their trust each and every time the developer makes a software


Access the best Study Guides, Lecture Notes and Practice Exams

Loading Unlocking...
Login

Join to view Project Description and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Project Description and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?