practicing oblivious access on cloud storage the gap
play

Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and - PowerPoint PPT Presentation

May 22, 2023 •13 likes •483 views

Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1 , Muhammad Naveed 1,3 , Xiaorui Pan 2 , XiaoFeng Wang 2 , and Yan Huang 2 1 University of Illinois at Urbana-Champaign 2 Indiana

  1. Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1 , Muhammad Naveed 1,3 , Xiaorui Pan 2 , XiaoFeng Wang 2 , and Yan Huang 2 1 University of Illinois at Urbana-Champaign 2 Indiana University Bloomington 3 Cornell University

  2. Cloud Storage Cloud Storage Service Application file2 file1 file4 file3 User Side

  3. Cloud Storage Cloud Storage Service get(file1) Application file2 file1 put(file1, data1) file4 file3 get(file2) User Side

  4. Cloud Storage Cloud Storage Service get(file1) Application file2 file1 put(file1, data1) file4 file3 get(file2) User Side

  5. Cloud Storage Cloud Storage Service get(file1) Application file2 file1 put(file1, data1) file4 file3 get(file2) User Side Leaks access pattern

  6. Background: Oblivious RAM • Obliviousness: • For any fixed size request sequence, the associated storages accesses observed (by the cloud) are statistically independent of the requests • Techniques • Operates on fixed size data blocks • Encrypt blocks with ciphertext indistinguishability • Dummy accesses, re-encryption, shuffling, etc.

  7. Oblivious Cloud Storage Cloud Storage Service Application ORAM Client Trusted User Side

  8. Oblivious Cloud Storage Cloud Storage Service get(key1) Application ORAM Client put(key1, val1) get(key2) Trusted User Side

  9. Oblivious Cloud Storage Cloud Storage 7 ) t 5 e c o b j d ( o a n l o w d Service download(object32) get(key1) Application ORAM Client u p l o a d ( o b j e c t 1 5 , d a t a 4 ) download(object3) put(key1, val1) download(object28) upload(object65, data19) download(object11) get(key2) download(object44) u p l o a d ( o b j e c t 7 3 , d a t a 2 6 ) Trusted User Side

  10. How close is ORAM to practice? • Are ORAM designs in line with the constraints of real-world cloud services? • How close are ORAM techniques to offering practical support to cloud applications? • Are we on the right track to narrow the gap?

  11. Assumptions in ORAM literature 1. Bandwidth overhead is a good proxy metric • So, minimizing it optimizes application performance 2. Application is not taken into account • Implicit assumption that application has no impact on performance Assumptions influence the way the problem is thought about and guide the research agenda.

  12. Contribution

  13. Contribution 1 ORAM Literature Chose 4 representative ORAM designs

  14. Contribution 1 ORAM Literature Build ORAM Systems Chose 4 representative ORAM designs

  15. Contribution 2 App 1 Performance ORAM ORAM Data Literature Build ORAM Systems Chose 4 representative ORAM designs Cloud Storage Evaluation Platform

  16. Contribution 2 App 1 Performance ORAM ORAM Data Literature Build ORAM Systems Chose 4 representative ORAM designs Cloud Storage Evaluation Platform 3 How ORAMs work on cloud storage What real apps need New understanding

  17. Contribution 2 App 1 Performance ORAM ORAM Data Literature Build ORAM Systems Chose 4 representative ORAM designs Cloud Storage Evaluation Platform 3 How ORAMs work on cloud storage 4 CURIOUS Design What real apps (New ORAM Framework) need New understanding

  18. ORAM Systems We Built 1. Tree-based: PathORAM 2. Layered-based: LayeredORAM 3. Large messages-based: PracticalOS 4. Partition-based: ObliviStore 1. [PathORAM] Stefanov, Emil, et al. "Path ORAM: An Extremely Simple Oblivious RAM Protocol." CCS 2013. 2. [LayeredORAM] Goodrich, Michael, et al. "Oblivious RAM simulation with efficient worst-case access overhead." CCSW 2011. 3. [PracticalOS] Goodrich, Michael, et al. "Practical oblivious storage." CODASPY 2012. 4. [ObliviStore] Stefanov, Emil, and Elaine Shi. "Oblivistore: High performance oblivious cloud storage." S&P 2013.

  19. Application Selection • We use Filebench: filesystem benchmarking tool • Able to emulate several applications, e.g.: • Mail server • File server • Web proxy • Web server

  20. Methodology

  21. Methodology Amazon S3 application extract logs Filebench accesses bucket traces client

  22. Methodology Amazon S3 application extract logs Filebench accesses bucket traces client Amazon No ORAM varmail S3 accesses PathORAM webproxy requests ObliviStore webserver PracticalOS fileserver performance LayeredORAM application data client

  23. Findings

  24. Bandwidth overhead as a proxy for response time

  25. Bandwidth overhead as a proxy for response time

  26. Bandwidth overhead as a proxy for monetary cost

  27. Bandwidth overhead as a proxy for monetary cost

  28. Bandwidth overhead as a proxy for monetary cost PathORAM

  29. Application traces • Slowdown := time with ORAM / time without ORAM … time interval without ORAM Time … time interval with ORAM Time

  30. Application Traces • According to slowdown measurements: • ObliviStore could easily handle two applications (i.e., varmail and webproxy), but could not handle the other two (i.e., webserver and fileserver) • PathORAM could not handle any of the four applications (it experienced slowdowns ranging from 3 to 92) • In all cases, the monetary cost of running on top of ORAM was roughly 100 times (or more) than running without ORAM

  31. PracticalOS & LayeredORAM • Neither of the two schemes could support any of the applications • PracticalOS has a low response time for requests • but a long and expensive reshuffling phase • The cost of operating PracticalOS for varmail is roughly 15 USD / min

  32. Main Findings • Bandwidth overhead is not the bottleneck • Network latency is the bottleneck • Many real applications require the ORAM to process requests concurrently • Downloads and uploads do not have the same cost

  33. Asynchronicity & Concurrent Request Processing • ObliviStore can process multiple requests concurrently and offer an asynchronous interface • Others (e.g., PathORAM) are fundamentally synchronous • The current request must be fully completed before the processing of the next request can start • ORAM schemes do not appear to consider asynchronicity as a crucial property • 3 out of 39 published papers have this property

  34. Asynchronicity is a MUST! • Asynchronicity has never been a main design goal. • But , we found that: 1. Asynchronicity is not only desirable but actually necessary • No synchronous ORAM scheme can fully support cloud applications 2. Asynchronicity is difficult • E.g., the implementation of ObliviStore did not get it right

  35. Bandwidth Asymmetricity • S3: the monetary cost of an upload is 12.5 times that of a download

  36. Bandwidth Asymmetricity • S3: the monetary cost of an upload is 12.5 times that of a download 120 Median Response Time (ms) 90 60 30 0 1KB 2KB 4KB 8KB 16KB 32KB 64KB GET PUT

  37. Bandwidth Asymmetricity • S3: the monetary cost of an upload is 12.5 times that of a download 120 Median Response Time (ms) 90 60 30 0 1KB 2KB 4KB 8KB 16KB 32KB 64KB GET PUT

  38. Bandwidth-only evaluation is INACCURATE! • Overhead evaluation: total bandwidth only in existing literature • Bandwidth overhead := download overhead + upload overhead • But , experimentally, their performance and monetary cost are different • Failure to incorporate this experimental insight in our thinking could lead us to make incorrect conclusions about how schemes perform in practice • Example: which is better? • Scheme 1: 20 download overhead, 20 upload overhead • Scheme 2: 40 download overhead, 10 upload overhead

  39. CURIOUS

  40. Novel ORAM Framework: CURIOUS • Based on our findings, we propose CURIOUS • Simple design: • Flexible due to modular design • Simple concurrency model • Also, it preserves properties that applications expect from cloud • e.g., reliability

  41. CURIOUS performs better than ObliviStore 4 3.25 Slowdown 2.5 1.75 1 varmail webproxy webserver fileserver ObliviStore CURIOUS

  42. CURIOUS performs better than ObliviStore • Monetary cost is only half to two-thirds 4 3.25 Slowdown 2.5 1.75 1 varmail webproxy webserver fileserver ObliviStore CURIOUS

  43. CURIOUS performs better than ObliviStore • Monetary cost is only half to two-thirds 4 3.25 Slowdown 2.5 1.75 1 varmail webproxy webserver fileserver ObliviStore CURIOUS

  44. CURIOUS performs better than ObliviStore • Monetary cost is only half to two-thirds 4 3.25 Slowdown 2.5 1.75 1 varmail webproxy webserver fileserver ObliviStore CURIOUS

  45. CURIOUS performs better than ObliviStore • Monetary cost is only half to two-thirds • Even though • CURIOUS uses 2X the bandwidth of ObliviStore 4 3.25 Slowdown 2.5 1.75 1 varmail webproxy webserver fileserver ObliviStore CURIOUS

  46. Conclusions • Oblivious RAM has come a long way… • … and there is a long way to go still… • But we found: • In theory there is no difference between theory and practice • But in practice, there is. • Lesson: • align theory to practice • evaluate theory on practical systems

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cloud Radio Access Downlink with Backhaul Constrained Oblivious Processing Shlomo Shamai

Cloud Radio Access Downlink with Backhaul Constrained Oblivious Processing Shlomo Shamai

Page 1 of 66 Cloud Radio Access Downlink with Backhaul Constrained Oblivious Processing Shlomo Shamai Department of Electrical Engineering Technion Israel Institute of Technology Joint work with S.-H. Park, O. Simeone and O. Sahin HyNeT

684 views • 66 slides
Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search

Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search

Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search Ph.D. Dissertation Defense Zeeshan Pervez Department of Computer Engineering Kyung Hee University, Global Campus, Korea email:

650 views • 24 slides
Access Control in Untrusted Cloud Storage using Unidirectional Re-encryption Zach Kissel, Jie

Access Control in Untrusted Cloud Storage using Unidirectional Re-encryption Zach Kissel, Jie

Access Control in Untrusted Cloud Storage using Unidirectional Re-encryption Zach Kissel, Jie Wang University of Massachusetts Lowell The Cloud Cloud storage makes many promises: Data can be accessed anywhere at any time No

698 views • 42 slides
Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined) Administrative discussions Stephen McCamant University of Minnesota Multi-Cloud Oblivious Storage Old and new topics in security Cloud threats, old and new

645 views • 8 slides
A Language for Probabilistically Oblivious Computation David Darais , Ian Sweet, Chang Liu,

A Language for Probabilistically Oblivious Computation David Darais , Ian Sweet, Chang Liu,

A Language for Probabilistically Oblivious Computation David Darais , Ian Sweet, Chang Liu, Michael Hicks Secure Storage S[42] secret Cloud You s = S[42] Storage S[s] secret Implementation = encrypt the data Read/write indices

787 views • 59 slides
Cloud Storage Nabil Abdennadher nabil.abdennadher@hesge.ch 1 Cloud storage Objective

Cloud Storage Nabil Abdennadher nabil.abdennadher@hesge.ch 1 Cloud storage Objective

Cloud Storage Nabil Abdennadher nabil.abdennadher@hesge.ch 1 Cloud storage Objective Provide logical storage pools that abstract a more complex distributed infrastructure made of commodity hardware Separate storage service

627 views • 15 slides
Lower Bound! Kasper Green Larsen Jesper Buus Nielsen Oblivious RAM Introduced by Goldreich

Lower Bound! Kasper Green Larsen Jesper Buus Nielsen Oblivious RAM Introduced by Goldreich

Yes, There is an Oblivious RAM Lower Bound! Kasper Green Larsen Jesper Buus Nielsen Oblivious RAM Introduced by Goldreich and Ostrovsky in 1996 Encrypts the memory access pattern of a random-access algorithm Oblivious RAM, Model

505 views • 32 slides
Cloud storage state of affairs Storage clusters contain thousands of storage nodes, with e.g. 500

Cloud storage state of affairs Storage clusters contain thousands of storage nodes, with e.g. 500

A mathematical theory of distributed storage Dagstuhl workshop (16321) Coding in the time of Big Data Michael Luby August 8, 2016 Research Cloud storage state of affairs Storage clusters contain thousands of storage nodes, with e.g. 500 TB

796 views • 37 slides
A Simulation-based Evaluation of a Hybrid Storage System combining P2P, F2F, and Cloud storage

A Simulation-based Evaluation of a Hybrid Storage System combining P2P, F2F, and Cloud storage

. . A Simulation-based Evaluation of a Hybrid Storage System combining P2P, F2F, and Cloud storage with a Distributed Reputation System Anders Skoglund andsk668@student.liu.se November 04, 2013 . Cloud storage P2P storage F2F storage

660 views • 36 slides
Large objects in the Cloud Thursday, 11 April 13 Riak Cloud Storage Cloud Storage software

Large objects in the Cloud Thursday, 11 April 13 Riak Cloud Storage Cloud Storage software

Large objects in the Cloud Thursday, 11 April 13 Riak Cloud Storage Cloud Storage software backed by Riak Simple API Multi-tenant, Per-tenant Reporting Pluggable Authentication Multi Data Center Replication (Enterprise)

369 views • 18 slides
K Pre-Post Cloud Tutorial for accessing the K Global File Storage RIKEN R-CCS JULY 2, 2018

K Pre-Post Cloud Tutorial for accessing the K Global File Storage RIKEN R-CCS JULY 2, 2018

K Pre-Post Cloud Tutorial for accessing the K Global File Storage RIKEN R-CCS JULY 2, 2018 Access the GFS using SFTP (1/2) Users can access the K global file storage (GFS) via GFS-GW (GFS-gateway). In this slide, we explain a way to

51 views • 4 slides
Could Cloud Storage Be Disrupted in the Next Decade? Andromachi Chatzieleftheriou, Ioan

Could Cloud Storage Be Disrupted in the Next Decade? Andromachi Chatzieleftheriou, Ioan

Could Cloud Storage Be Disrupted in the Next Decade? Andromachi Chatzieleftheriou, Ioan Stefanovici , Dushyanth Narayanan Benn Thomsen, Antony Rowstron Microsoft Research Cloud Storage Landscape: Yesterday + Today Storage Technologies $$$$

147 views • 12 slides
Research in an Open Cloud Exchange CLOUD COMPUTING IS HAVING A DRAMATIC IMPACT On-demand

Research in an Open Cloud Exchange CLOUD COMPUTING IS HAVING A DRAMATIC IMPACT On-demand

Research in an Open Cloud Exchange CLOUD COMPUTING IS HAVING A DRAMATIC IMPACT On-demand access Economies of scale All compute/storage will move to the cloud? Todays IaaS clouds One company responsible for implementing and

1.11k views • 65 slides
GLUSTER The storage for your Hybrid Cloud Amar Tumballi, Manager, Storage Engineering

GLUSTER The storage for your Hybrid Cloud Amar Tumballi, Manager, Storage Engineering

GLUSTER The storage for your Hybrid Cloud Amar Tumballi, Manager, Storage Engineering Maintainer, GlusterFS SDC India - 24th May, 2018 CONTENTS Define: Hybrid Cloud & Infrastructure Understand: What are the storage needs of hybrid

527 views • 16 slides
Update on NIIFI's storage and cloud related activities TF-Storage Meeting September 27, 2012

Update on NIIFI's storage and cloud related activities TF-Storage Meeting September 27, 2012

Update on NIIFI's storage and cloud related activities TF-Storage Meeting September 27, 2012 Dubrovnik, Croatia Szabolcs Szkelyi <szekelyi@niif.hu> Agenda Storage infrastructure update Archiving service Cloud GUI

877 views • 18 slides
Verifiability for Cloud Storage and Computation Melek nen July 5th, 2016 Lorient Joint

Verifiability for Cloud Storage and Computation Melek nen July 5th, 2016 Lorient Joint

Verifiability for Cloud Storage and Computation Melek nen July 5th, 2016 Lorient Joint work with Monir Azraoui, Kaoutar Elkhiyaoui, Refik Molva Cloud Outsourcing Storage and Computation Data storage Data processing [Cloud Security

393 views • 23 slides
Performance analysis and performance modeling of web-applications Dr. Heinz Kredel Dr.

Performance analysis and performance modeling of web-applications Dr. Heinz Kredel Dr.

Performance analysis and performance modeling of web-applications Dr. Heinz Kredel Dr. Hans-Gnther Kruse Dr. Ingo Ott University of Mannheim IT-Center 3PGCIC 2011 - Barcelona 2 University of Mannheim - IT-Center - Dr. Ingo Ott Agenda

418 views • 21 slides
Measuring and Reasoning About Performance Readings: 1.4-1.5 1 Goals for this Class

Measuring and Reasoning About Performance Readings: 1.4-1.5 1 Goals for this Class

Measuring and Reasoning About Performance Readings: 1.4-1.5 1 Goals for this Class Understand how CPUs run programs How do we express the computation the CPU? How does the CPU execute it? How does the CPU support other

1.35k views • 114 slides
+ Design of Parallel Algorithms Course Introduction + CSE 4163/6163 Parallel Algorithm Analysis

+ Design of Parallel Algorithms Course Introduction + CSE 4163/6163 Parallel Algorithm Analysis

+ Design of Parallel Algorithms Course Introduction + CSE 4163/6163 Parallel Algorithm Analysis & Design n Course Web Site: http://www.cse.msstate.edu/~luke/Courses/fl16/CSE4163 n Instructor: Ed Luke n Office: Butler 330 (or HPCC

214 views • 19 slides
Performance Questions How to characterize the performance of applications and systems?

Performance Questions How to characterize the performance of applications and systems?

Performance Questions How to characterize the performance of applications and systems? Users requirements in performance and cost? How about performance measurement? How will system perform when having more resources or How will

262 views • 15 slides
OUTLINE Introduction Scalability Evaluation Scalability Enhancement Approach

OUTLINE Introduction Scalability Evaluation Scalability Enhancement Approach

R. Hashemian 1 , D. Krishnamurthy 1 , M. Arlitt 2 , N. Carlsson 3 1. University of Calgary 2. HP Labs 3. Linkping University by : Raoufehsadat Hashemian The 4th ACM/SPEC International Conference on Performance Engineering ICPE 2013 OUTLINE

717 views • 22 slides
100 Drupal performance and scalability best practices Gord Christmas gord.christmas@acquia.com

100 Drupal performance and scalability best practices Gord Christmas gord.christmas@acquia.com

100 Drupal performance and scalability best practices Gord Christmas gord.christmas@acquia.com Saturday, April 6, 13 1 Long tail of performance tuning 20% of the performance tuning will give 50% of the improvements Potentially a hundred

363 views • 10 slides
SEDA: An Architecture for Well-Conditioned, Scalable Internet Services Matt Welsh, David Culler,

SEDA: An Architecture for Well-Conditioned, Scalable Internet Services Matt Welsh, David Culler,

SEDA: An Architecture for Well-Conditioned, Scalable Internet Services Matt Welsh, David Culler, and Eric Brewer Computer Science Division University of California, Berkeley Symposium on Operating Systems Principles (SOSP), October 2001

466 views • 24 slides
Performance Tuning best pracitces and performance monitoring with Zabbix Andrew Nelson Senior

Performance Tuning best pracitces and performance monitoring with Zabbix Andrew Nelson Senior

Performance Tuning best pracitces and performance monitoring with Zabbix Andrew Nelson Senior Linux Consultant May 28, 2015 NLUUG Conf, Utrecht, Netherlands Overview Introduction Performance tuning is Science! A little Law and

595 views • 47 slides

More recommend