secure tera scale data crunching with a small tcb
play

Secure Tera-scale Data Crunching with a Small TCB Bruno Vavala Nuno - PowerPoint PPT Presentation

Aug 24, 2022 •312 likes •923 views

Secure Tera-scale Data Crunching with a Small TCB Bruno Vavala Nuno Neves Peter Steenkiste UL / CMU UL CMU 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN17) Goal delivering security guarantees for

  1. Secure Tera-scale Data Crunching with a Small TCB Bruno Vavala Nuno Neves Peter Steenkiste UL / CMU UL CMU 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’17)

  2. Goal delivering security guarantees for delivering security guarantees for generic and large-scale data large-scale data processing on untrusted hosts with a small TCB processing on untrusted hosts 2

  3. delivering security guarantees for large-scale data processing trusted on untrusted hosts with a small TCB HW based data integrity 3

  4. 1 TB delivering security guarantees for large-scale data processing on untrusted hosts with a small TCB 4

  5. small code delivering security guarantees for small large-scale data processing interface on untrusted hosts with a small TCB No HW devices 5

  6. Some use cases public cloud service provider 6

  7. Some use cases public cloud service provider computational genomics 0.3TB per genome 7

  8. …more generally…

  9. Model trusted hardware module P S V 9

  10. Model P 2. outsource large state 1. provide state authentication data S V 10

  11. Model 3. send 
 request P 2. outsource large state 1. provide state authentication data S V 11

  12. Model 3. send 
 request 4. execute 
 command P 2. outsource large state 1. provide state authentication data S V 12

  13. Model 3. send 
 request 4. execute 
 command P 2. outsource 5. receive 
 large state authenticated reply 1. provide state authentication data S V 13

  14. Outline • Goal • Previous Work • Our solution: key ideas and overview • Evaluation

  15. Outline • Goal • Previous Work • Our solution: key ideas and overview • Evalution

  16. Haven (OSDI’14) service — designed for Intel SGX — large TCB (due to libOS) libOS — 10s of new interface calls + works with 
 enclave unmodified applications interface picoprocess VHD host OS 16

  17. VC 3 (IEEE S&P’15) map & reduce — designed for Intel SGX functions — specific for Hadoop job execution + small TCB protocol + data confidentiality enclave + can run unmodified 
 narrow interface Hadoop applications process host OS 17

  18. A Niche in the State of the Art Trusted App small Large Interface Computing TCB State calls Specific arch. Haven No Yes tens No SGX (OSDI’14) Yes VC3 Yes R,W Yes SGX MapReduce (S&P’15) workloads XMHF- none Yes No No TPM / TXT TrustVisor 
 (but Minibox has tens) (S&P’13,’10) Yes Yes zero! No TV&SGX LaSt GT 18

  19. Outline • Goal • Previous Work • Our solution: key ideas and overview • Evalution

  20. untrusted env. trusted env. Scenario: two execution environments 20

  21. app’s execution flow untrusted env. trusted env. the service code is running 21

  22. app’s execution flow untrusted env. access data in block b i is b i in memory? trusted env. the service code accesses data in memory 22

  23. app’s execution flow untrusted env. access data in block b i is b i in memory? yes keep going trusted env. when data is available, there are no interruptions 23

  24. app’s execution flow untrusted env. access data in block b i handle page fault is b i in memory? no load data yes keep going trusted env. otherwise, the service is interrupted and 
 data memory pages are loaded 24

  25. app’s execution flow untrusted env. access data in block b i handle page fault is b i in memory? no load data yes keep going validate data trusted env. data is validated inside trusted environment, 
 independently from service execution 25

  26. app’s execution flow untrusted env. access data in resume block b i handle page fault is b i in memory? no load data yes keep going validate data trusted env. service is resumed and 
 only if data is valid, service can make progress 26

  27. …in practice…

  28. Architecture untrusted Trusted address Untrusted address space space other state service SMM untrusted services handler code (State map manager) trusted 
 OS Supervisor SGX/TPM Hardware 28

  29. Architecture untrusted Trusted address Untrusted address space space other state service SMM untrusted services handler code (State map manager) on TrustVisor, Supervisor is trusted on SGX, Supervisor is untrusted untrusted 
 OS Supervisor SGX/TPM Hardware 29

  30. LaSt GT in 5 steps 4 •Offline data protection at the source •State registration •Data processing •Lazy loading from memory & disk •Execution verification

  31. •Offline data protection at the source 1 •State registration •Data processing •Lazy loading from memory & disk •Verification

  32. 
 Data protection Hierarchical - Incremental as 
 data is created 
 0 1 0 0 0 1 1 1 1 0 1 0 0 0 0 1 0 0 0 1 1 1 1 0 1 0 0 0 Made for: bytes/block 2 10 2 40 2 15 - Incremental validation Tree size (bytes) 2 20 2 25 2 30 as data is loaded 2 30 - Fast verification 2 20 - Single hash tree is 2 10 unsuitable 2 20 2 25 2 30 2 35 2 40 State size (bytes) 32

  33. State Hierarchy root state root directory directory master chunks masterchunk chunks chunk chunk blocks files 33

  34. State Hierarchy - components are state root loaded separately - unneeded components directory not loaded in memory - state root (1 hash) masterchunk allows state validation masterchunk chunk chunk chunk chunk 34

  35. •Offline data protection at the source 2 •State registration •Data processing •Lazy loading from memory & disk •Verification

  36. Trusted address space Untrusted address space state service SMM handler code (State map manager) When the trusted execution environment is created, only the code is available inside OS Supervisor 36

  37. Trusted address space Untrusted address space state service SMM handler code (State map manager) grab root from disk OS Supervisor 37

  38. Trusted address space Untrusted address space state service SMM handler code (State map manager) grab root - registration is from disk the first register state execution - state handler installs root - root is trusted OS Supervisor 38

  39. Trusted address space Untrusted address space state service state SMM handler code root (State map manager) - state root is available 
 before service code runs 
 OS Supervisor 39

  40. •Offline data protection at the source 3 •State registration •Data processing •Lazy loading from memory & disk •Verification

  41. Trusted address space Untrusted address space state service state data SMM handler code root pages available pages NOT available - service code has view of entire state - state not readily available: inefficient loading it upfront OS Supervisor 41

  42. Trusted address space Untrusted address space state service state data SMM handler code root page hit on access - Service code execution begins - Service accesses data in memory - Data retrieval is fast if data is already available OS Supervisor 42

  43. Trusted address space Untrusted address space state service state data SMM handler code root page miss on access - Service code may access data 
 on missing pages OS Supervisor 43

  44. Trusted address space Untrusted address space state service state data SMM handler code root page - A page fault is triggered - Execution is interrupted, fault! seamlessly waiting to continue OS Supervisor 44

  45. 4 •Offline data protection at the source •State registration •Data processing •Lazy loading from memory & disk •Verification

  46. Trusted address space Untrusted address space state service state data SMM handler code root page fault! OS Supervisor 46

  47. Trusted address space Untrusted address space state service state data SMM handler code root page fault! grab state component - Let SMM handle missing data from disk - SMM loads data from disk page address OS Supervisor 47

  48. Trusted address space Untrusted address space state service state data SMM data handler code root page fault! - in TrustVisor, validate in place - in SGX, copy, validate, copy validate data OS Supervisor 48

  49. Trusted address space Untrusted address space state service state data SMM data handler code root page fault! - If Supervisor is trusted, 
 invalid data => no resume 
 (e.g.: TrustVisor) 
 data is valid - If Supervisor is untrusted 
 invalid data => no accept, 
 so no access (e.g.: SGX) OS Supervisor 49

  50. Trusted address space Untrusted address space state service state data SMM data handler code root page hit on access fault solved, data accessible on resume, continue… resume OS Supervisor 50

  51. - HW-based attestation of code identity, 
 including input request, state root, 
 output reply, nonce - Client checks validity of attestation 
 •Offline data protection at the source •Execution verification 5 and intended identities/hashes •State registration •Data processing •Lazy loading from memory & disk

  52. Outline • Goal • Previous Work • Our solution: key ideas and overview • Implemention(s) • Evaluation

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

X 1 ILC : PHYSICS FROM TERA- TO PLANCK-SCALE 1. Introduction X Physics base and

X 1 ILC : PHYSICS FROM TERA- TO PLANCK-SCALE 1. Introduction X Physics base and

X 1 ILC : PHYSICS FROM TERA- TO PLANCK-SCALE 1. Introduction X Physics base and perspectives 2. ILC Physics Targets in Micro-Universe X Electroweak Symmetry Breaking X Ultimate Unification / Supersymmetry X Extra Space

639 views • 37 slides
sqrrl sqrrl Secure. Scale. Adapt Secure. Scale. Adapt. Adam

sqrrl sqrrl Secure. Scale. Adapt Secure. Scale. Adapt. Adam

sqrrl sqrrl Secure. Scale. Adapt Secure. Scale. Adapt. Adam Fuchs, CTO 11 April, 2013 Sqrrl Data, Inc. All Rights Reserved Who Who We Are re

894 views • 21 slides
Real-time visualisation and analysis of tera-scale datasets Christopher Fluke Amr Hassan

Real-time visualisation and analysis of tera-scale datasets Christopher Fluke Amr Hassan

Real-time visualisation and analysis of tera-scale datasets Christopher Fluke Amr Hassan (Swinburne; PhD student), David Barnes (Monash University), Virginia Kilborn (Swinburne) Thank you to the SPS15 organizers for the invitation to speak

259 views • 21 slides
Survey: need for small-scale Estonian Latvian cooperation projects 1 Small-scale project u

Survey: need for small-scale Estonian Latvian cooperation projects 1 Small-scale project u

12/5/19 Survey: need for small-scale Estonian Latvian cooperation projects 1 Small-scale project u Budget up to 50 000 EUR u Simple application and reporting 2 1 12/5/19 Small-scale projects in EstLat Programme u 2004-2006: small

382 views • 5 slides
TERA CONTRIBUTIONS TO PARTNER Ugo Amaldi University of Milano Bicocca and TERA Foundation

TERA CONTRIBUTIONS TO PARTNER Ugo Amaldi University of Milano Bicocca and TERA Foundation

TERA CONTRIBUTIONS TO PARTNER Ugo Amaldi University of Milano Bicocca and TERA Foundation PARTNER UA 17.10.08 1 CNAO status PARTNER UA 17.10.08 2 The CNAO Foundation builds with INFN in Pavia the Centre designed by TERA

775 views • 26 slides
STANlite a database engine for secure data processing at rack-scale level IEEE International

STANlite a database engine for secure data processing at rack-scale level IEEE International

Institute of Operating Systems and Computer Networks STANlite a database engine for secure data processing at rack-scale level IEEE International Conference on Cloud Engineering (IC2E18) V. A. Sartakov, N. Weichbrodt, S. Krieter, T.

388 views • 37 slides
Small scale big data in the Finnish pharmaceutical product index compilation Ottawa Group

Small scale big data in the Finnish pharmaceutical product index compilation Ottawa Group

Small scale big data in the Finnish pharmaceutical product index compilation Ottawa Group conference / Eltville, Germany Kristiina Nieminen 10th May 2017 Content 1. Background and introduction of the data 2. The practices 1.

621 views • 16 slides
Nanostructures for Tera Tera- -bit Level bit Level Nanostructures for Charge Trap Flash

Nanostructures for Tera Tera- -bit Level bit Level Nanostructures for Charge Trap Flash

Nanostructures for Tera Tera- -bit Level bit Level Nanostructures for Charge Trap Flash Memories Charge Trap Flash Memories Byung-Gook Park, Il Han Park, Jung-Hoon Lee, Gil Sung Lee, Jang-Gn Yun Inter-University Semiconductor Research

307 views • 29 slides
Discount Rates in Small Scale Fisheries Discount Rates in Small Scale Fisheries L OUISE T EH I

Discount Rates in Small Scale Fisheries Discount Rates in Small Scale Fisheries L OUISE T EH I

Discount Rates in Small Scale Fisheries Discount Rates in Small Scale Fisheries L OUISE T EH I N H ONOUR OF D R . C OLIN C LARK C ONFERENCE UBC M AY 15 2012 UBC, M AY 15, 2012 C O R A L R E E F S Reef Fisheries Small scale, multi

373 views • 36 slides
Lecture 8: Number Crunching Todays topics: MARS wrap-up RISC vs. CISC Numerical

Lecture 8: Number Crunching Todays topics: MARS wrap-up RISC vs. CISC Numerical

Lecture 8: Number Crunching Todays topics: MARS wrap-up RISC vs. CISC Numerical representations Signed/Unsigned Addition 1 Example Print Routine .data str: .asciiz the answer is .text li $v0, 4

663 views • 21 slides
Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data

Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data

Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data Weichao Wang, Zhiwei Li, Rodney Owens, Bharat Bhargava CCSW 2009: The ACM Cloud Computing Security Workshop 1 The Problem Providing secure and

414 views • 19 slides
Using Spatial Gradient Information to Extract Small Scale Information from Observations With

Using Spatial Gradient Information to Extract Small Scale Information from Observations With

7 th International Symposium on Data Assimilation: 21 January 2019 Using Spatial Gradient Information to Extract Small Scale Information from Observations With Correlated Errors Jol Bdard and Mark Buehner Data Assimilation and Satellite

454 views • 18 slides
SMALL-SCALE FISHERIES: FROM POLICY TO IMPLEMENTATION 16 November 2015 BY: CRAIG SMITH Director:

SMALL-SCALE FISHERIES: FROM POLICY TO IMPLEMENTATION 16 November 2015 BY: CRAIG SMITH Director:

SANCOR SEMINAR SMALL-SCALE FISHERIES: FROM POLICY TO IMPLEMENTATION 16 November 2015 BY: CRAIG SMITH Director: Small-Scale Fisheries Management Presentation Outline Background to the development of Small-Scale Fisheries Architecture

197 views • 18 slides
Economics of Small Scale LNG Shipping: Application for Indonesia and SEA Eduardo Perez

Economics of Small Scale LNG Shipping: Application for Indonesia and SEA Eduardo Perez

Economics of Small Scale LNG Shipping: Application for Indonesia and SEA Eduardo Perez www.SMALL-LNG.com small-lng.com When and where to use Small LNG carriers Islands Seasonal consumption Isolated places / expensive pipelines

576 views • 20 slides
System for Collecting and Analysing Sport Player Physical Data Small or medium scale focused

System for Collecting and Analysing Sport Player Physical Data Small or medium scale focused

System for Collecting and Analysing Sport Player Physical Data Small or medium scale focused research project (STREP) Date of preparation : 23.11.2015. Work programme topic addressed ICT 16 2015: Big data research Name of the

810 views • 21 slides
Computers Crunching Computers Crunching Lipids Lipids From From Cell Cell Membranes

Computers Crunching Computers Crunching Lipids Lipids From From Cell Cell Membranes

Computers Crunching Computers Crunching Lipids Lipids From From Cell Cell Membranes Membranes to to Lipoproteins Lipoproteins Ilpo Ilpo Vattulainen Vattulainen Biological Physics & Soft Matter Team Biological Physics & Soft

785 views • 25 slides
Marsha Chechik Department of Computer Science University of Toronto CMU - April 2010 1

Marsha Chechik Department of Computer Science University of Toronto CMU - April 2010 1

Marsha Chechik Department of Computer Science University of Toronto CMU - April 2010 1 Dependable software: that can justifiably be depended upon, in safety- and mission-critical settings main concern: prevent catastrophes

595 views • 58 slides
Introduction Performance deterioration due to latencies of remote operations Most

Introduction Performance deterioration due to latencies of remote operations Most

Analysis of Remote Execution Models for Grid Middleware Andrei Hutanu , Stephan Hirmer, Gabrielle Allen, Andre Merzky Introduction Performance deterioration due to latencies of remote operations Most relevant when two entities have

697 views • 13 slides
Microservices with Apache Karaf and Apache CXF: practical experience Andrei Shakirin, Talend

Microservices with Apache Karaf and Apache CXF: practical experience Andrei Shakirin, Talend

Microservices with Apache Karaf and Apache CXF: practical experience Andrei Shakirin, Talend Agenda Microservices and OSGi Core ideas of OSGi Apache Karaf Design and develop in OSGi: the history of one project Remote

666 views • 47 slides
Triquetrum integrating workflows in scientific software Erwin De Ley, iSencia & Christopher

Triquetrum integrating workflows in scientific software Erwin De Ley, iSencia & Christopher

Triquetrum integrating workflows in scientific software Erwin De Ley, iSencia & Christopher Brooks, UC Berkeley Agenda Intro - Scientific software context Triquetrum overview Workflow features Task processing

986 views • 44 slides
X10 Cluster SSH access X10 on your PC Eclipse for X10: x10dt From Eclipse to

X10 Cluster SSH access X10 on your PC Eclipse for X10: x10dt From Eclipse to

X10 Cluster SSH access X10 on your PC Eclipse for X10: x10dt From Eclipse to the cluster Cluster Access via ssh through labsrv0.math.unipd.it Cluster description: http://numlab.math.unipd.it/ labsrv0 is the submit

333 views • 32 slides
Web Services Distributed computing framework Similar to CORBA or EJBs Designed to

Web Services Distributed computing framework Similar to CORBA or EJBs Designed to

Web Services Distributed computing framework Similar to CORBA or EJBs Designed to make software components available for remote execution Features (from IBM tutorial): Self-contained, self-describing, modular

96 views • 8 slides
Symbolic Execution of Security Protocol Impl.: Handling Cryptographic Primitives Mathy Vanhoef

Symbolic Execution of Security Protocol Impl.: Handling Cryptographic Primitives Mathy Vanhoef

Symbolic Execution of Security Protocol Impl.: Handling Cryptographic Primitives Mathy Vanhoef @vanhoefm USENIX WOOT, Baltimore, US, 14 August 2018 Overview Symbolic Execution 4-way handshake Handling Crypto Results 2 Overview Symbolic

446 views • 41 slides
Justin Phelps @Linuturk Topics Installing SaltStack Remote Execution Grains

Justin Phelps @Linuturk Topics Installing SaltStack Remote Execution Grains

Justin Phelps @Linuturk Topics Installing SaltStack Remote Execution Grains Modules States Pillar Cloud GitFS Installation Insecure One-Liner: curl -L https://bootstrap.saltstack.com | sudo sh -s -- Make

166 views • 13 slides

More recommend