FBase: Trustworthy code module execution
More Info
expand_more
Abstract
For decades the idea of re-usable software has been seen as the holy grail of software development. But up until recently, there was more discussion about software re-use than actual software re-use. Even though most software uses the same blocks of code over and over again, almost all software is built from the ground up. Today, this situation is completely different. Nowadays, almost every application re-uses software in the form of software dependencies. However, this re-use pattern is starting to become unchecked. The shift to re-usable software has happened so quickly, the risks associated with choosing the right dependencies are often overlooked. In the current research, there exists a gap in the balance between re-usability and usability. This work tries to fill that gap. People have tried solving the problem of software re-use, but it has proven to be a hard problem. There needs to be a trade-off between re-usability and usability. This thesis focuses its work on developing a framework that continues the progression in the develop- ment of re-usable code. This is achieved by enabling trustworthy code and providing runtime support. A key property is permission-less code execution at near-zero cost. The concept, called FBase, sets out to achieve the balance between re-usability and usability by limiting the granularity of re-usable modules to a distinct set of four component types. To further enhance the us- ability of FBase, an ecosystem was proposed to mask the negative effects that are associated with re-usability. Previous attempts at solving the re-usability problem have mostly focused on a technical level in contrast to FBase which also incorporates social and policy aspects. By integrating sub-systems into an ecosystem it improves the usability of the framework. A proof-of-concept implementation is created to support the eval- uation of the concept. To be considered successful, FBase needs to perform properly on a technical and functional level. The evaluation showed that FBase can be used in a non-trivial use-case, by creating a fully functioning example that demonstrates the composition and construction of an application with interchangeable trust models. It was demonstrated that real-world practical problems can be solved using this framework. The main advantage that the framework provided in the use-case was the introduction of modularity. On one hand, it has the benefit of flexibility and variety in use. On the other hand, modularization improves the manageability of maintenance for complex software like Tribler. One of the disadvantages that followed from the use-case was the increased time that modules on FBase took to develop the application compared to implementing it in a monolithic architecture. A second more general disadvantage is that the module interconnect limits the complexity of the interaction between mod- ules. This disadvantage did not limit the development of this use-case but changes the way applications need to be developed. To test the robustness and flexibility of the framework, an experiment was performed to try to create a proof-of-concept prototype of an Android application that could run the same stack of code to extend the ecosystem to mobile platforms. FBase delivers a concept that complies with the requirements that were set out and offers a balanced ap- proach of re-usability and usability. In essence, FBase is a platform for building applications consisting of re-usable code. This makes it similar to Python with the Pip dependency manager or NodeJS and its depen- dency manager NPM. However, these existing platforms make use of centralized approaches and do not solve the trust aspect of using external dependencies in contrast to FBase.