Simpler & Safer Programming Models for Web Infrastructure & Applications

Abstract

The World Wide Web—the subset of the Internet that relies on the HTTP, TLS, TCP, IP, and DNS protocols—is a diverse collection of interconnected computer programs that prioritize security, reliability, and speed. Unfortunately, many of the programs that make up the Web are written using programming models—languages, interfaces, and tools—that were not designed to produce secure, reliable, or fast programs. In this work, we identify three programming models that limit the security, reliability, and/or performance of a particular area of the Web. For each flawed programming model, we design a new system that facilitates simpler and safer Web programs without sacrificing performance. In particular, we describe (1) Hammurabi, a framework for more easily writing, distributing, and debugging the security-critical code used to validate TLS certificates; (2) Juice, a system for writing simple and fast stateful serverless applications; and (3) Topaz, an architecture for composing and verifying contradictory DNS nameserver objectives at large CDNs. We implement a prototype of each system and evaluate each prototype based on the respective requirements (i.e., security, reliability, and/or performance) of the target area of the Web.