stan current state and future work
play

STAN Current State and Future Work Scalable Hardware-Aided Trusted - PowerPoint PPT Presentation

Dec 29, 2022 •335 likes •502 views

STAN Current State and Future Work Scalable Hardware-Aided Trusted Data Management Nico Weichbrodt, 2019-09-03/04 Moving Databases to the Cloud Everyone moves to the cloud Higher scalability and availability But: no trust in the cloud

  1. STAN – Current State and Future Work Scalable Hardware-Aided Trusted Data Management Nico Weichbrodt, 2019-09-03/04

  2. Moving Databases to the Cloud Everyone moves to the cloud Higher scalability and availability But: no trust in the cloud provider → Trusted Execution with Intel SGX ⇒ DBMS needs to be adapted 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 2

  3. Intel SGX Recap Enclave are isolated compartments Enclave Confidentiality and integrity protection Special memory area for enclaves: EPC Application EPC size very small: ≈ 93 MiB on current hardware There are plans to increase this Memory Layout of enclaves fixed after creation NEW : SGXv2 add/remove/change permissions of pages after enclave creation 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 3

  4. Previous Research Efficiently handling data inside an SGX enclave SGX-aware virtual memory engine Prototype based on SQLite → STANlite (Sartakov et al., IC2E 2018) Analysing SGX performance overhead Trace enclave transitions Give recommendations on how to improve performance → sgx-perf (Weichbrodt et al. Middleware 2018) Reducing database memory footprint inside enclave Decomposing of applications into features Dynamically load and unload features into/out of enclaves → Adaptive SGX-enabled Systems (Krieter et al. VaMoS 2019) 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 4

  5. Work Program Status – 1.5 Years Later WP3: Proactive Working Set Management (TUB) Prefetching experiments, ≈ 20% performance inc. in best case Not evaluated further WP4: Extended Code Generation for Secure Interaction (TUB/HSH) No automatic partitioning sgx-perf code recommendations WP5: System Support for Integrity Preservation (TUB) STANlite virtual memory engine WP6: Trust-aware DBMS Architecture (HSH) Adaptive SGX-enabled Systems with dynamic loading ⇒ First Half done 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 5

  6. Current Research Current dynamic loading has a couple issues ✗ Not thread safe, no global objects ✗ Not a real dynamic linker (no linking of jumps/calls) ✗ Function pointer ownership problems ✗ Based on SGXv1 with executable heap ⇒ New version called sgx-dl Fix all issues above and use SGXv2 NEW: Hot-Patching for functions 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 6

  7. Architecture sgx-dl is a simple library linked into the enclave SXG SDK has preliminary support for SGXv2 We have our own additional changes (<100 SLOC driver, <1000 SDK) All issues fixed: thread safe ✓ , support for global object ✓ , no fixed memory layout ✓ , no function pointers ✓ , no executable heap ✓ New issues No function pointers and unloading results in a lot of checks → performance overhead ✗ Optimisation: Everything is always loaded mode 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 7

  8. Language Support sgx-dl is language agnostic, it loads ELF files In theory, everything that uses/supports C ABI should work Complete (tested) support for C and its features ✓ Loaded functions that are dynamically called need to have signature void *fctname(void *args) like pthread threads Some support for C++ ✓ SGX C++ standard library exists, but we did not really test this Rudimentary support for Rust ✗ No Rust standard library so only [no_std] code is supported Baidu Rust SGX SDK might work here 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 8

  9. Hot-Patching Problem: Enclave is potentially large (almost or even bigger than EPC size) Patches need to be applied → restart needed Encrypt state, save to disk, restart enclave, reload state and decrypt Solution: Hot-Patching of the affected functions, no restart needed Only possible for already dynamic functions 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 9

  10. First Benchmarks System: Intel NUC7PJYH2, Intel Pentium Silver, 4x 1.5GHz (SGXv2 capable) SGXv2 only available with Gemini Lake so far Skyhawk Lake: 2020 Cooper Lake: 2020, SGX on multi-socket servers 8 GiB memory, SSD Microbenchmark: Tiny enclave, measure call overhead to dynamic functions Load three functions, call one, this one calls the other two Enclave restart time: 0.13 s These enclaves are tiny so we don’t save that much time 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 10

  11. Microbechmark Hot-Patching/Calling Overhead Microbenchmark simple function executions enclave restart vs hot patching Threads: 1 4000 Baseline Patching (Optimised) Patching (All Checks) 3500 3000 function executions since last timestamp SAMPLE RATE = 100000 cycles 2500 2000 1500 1000 500 0 0 5x10 7 1x10 8 1.5x10 8 2x10 8 2.5x10 8 3x10 8 timestamp counter 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 11

  12. Macrobenchmark Small enclave (fits EPC) STANlite (SQLite) with dynamic functions in SQL-VM add/sub/mul/div/mod No changes made to state machine except argument un-/wrapping State is already encrypted in untrusted memory, so no state saving needed, just additional code to set the pointers right This is actually bad for us, as it reduces the benefit of hot-patching Enclave restart time: 0.8 s 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 12

  13. Macrobenchmark Hot-Patching/Calling Overhead Macrobenchmark STANlite enclave restart vs hot patching Query: SELECT ID, A, B, A+B FROM BENCH ORDER BY ID ASC LIMIT 1 Rows: 100,000 35 Baseline Patching 30 25 SAMPLE RATE = 1000000 cycles SELECTS since last timestamp 20 15 10 5 0 0 2x10 9 4x10 9 6x10 9 8x10 9 1x10 10 timestamp counter 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 13

  14. Macrobenchmark Speedtest2 (small dataset) 10 baseline with dynamic loading Execution Time ( Seconds ) 8 6 4 2 0 100 110 120 130 140 145 150 160 161 170 180 190 210 230 240 250 260 270 280 290 300 310 320 980 990 Name of Experiment Adapted from STANlite 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 14

  15. Next steps Publish sgx-dl Current conference target: EuroSys 2020, deadline November Nicer benchmarks/more applications Enclaves that don’t fit EPC, make more functions of SQLite dynamic Integrate with a DBMS e.g., MonetDB Next Round Distributed Secure Computing – Intel SGX Card (3x E3-1585L v5 with PCIe interconnect) SGX multi-socket servers RDMA + SGX + DPDK or similar 2019-09-03/04 Nico Weichbrodt STAN – Current State and Future Work Page 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

An Introduction to Stan and RStan Introduction I (MW) am not a developer of Stan , only a very

An Introduction to Stan and RStan Introduction I (MW) am not a developer of Stan , only a very

Michael Weylandt Houston R Users Group 2016-12-06 Rice University An Introduction to Stan and RStan Introduction I (MW) am not a developer of Stan , only a very happy user. Credit for Stan goes to the Stan Development Team: Andrew Gelman, Bob

1.33k views • 118 slides
Current State Future Work Demonstration Conclusion References Fatma Aknc

Current State Future Work Demonstration Conclusion References Fatma Aknc

Group Members What was Map-MET? Where to use? Overall System Current State Future Work Demonstration Conclusion References Fatma Aknc smail Can Meryem Sacan lker Argn Cokuner Group Members

269 views • 22 slides
The ACL Anthology Current State and Future Directions Daniel Gildea, Min-Yen Kan, Nitin Madnani,

The ACL Anthology Current State and Future Directions Daniel Gildea, Min-Yen Kan, Nitin Madnani,

The ACL Anthology Current State and Future Directions Daniel Gildea, Min-Yen Kan, Nitin Madnani, Christoph Teichmann, Martin Villalba What is this presentation about ? Summarize the history and current state of efforts related to the

444 views • 9 slides
Fast Bayesian modeling in Stan using StataStan mc-stan.org Robert Grant Kingston University +

Fast Bayesian modeling in Stan using StataStan mc-stan.org Robert Grant Kingston University +

Fast Bayesian modeling in Stan using StataStan mc-stan.org Robert Grant Kingston University + St George s, University of London www.robertgrantstats.co.uk Collaborative work including: Bob Carpenter Daniel Furr Andrew Gelman Daniel

698 views • 35 slides
The future of work, current trends on cooperatives &amp; the social and solidarity economy - The

The future of work, current trends on cooperatives &amp; the social and solidarity economy - The

The future of work, current trends on cooperatives &amp; the social and solidarity economy - The role of the ILO Guy Tchami Tokyo, September 2019 OUTLINE 1. Cooperatives and the changing world of work 2. ILOs work on cooperatives

804 views • 36 slides
The STATE OF X WORK AT CDL CURRENT &amp; UPCOMING About us CivicDataLab works with the goal

The STATE OF X WORK AT CDL CURRENT &amp; UPCOMING About us CivicDataLab works with the goal

The STATE OF X WORK AT CDL CURRENT &amp; UPCOMING About us CivicDataLab works with the goal to use data, tech, design and social science to strengthen the course of civic engagements in India. We work to harness the potential of open-source

582 views • 37 slides
$ CURRENT STATE FUTURE: STATE DIGITAL ENTERPRISE Access layer (APIs) SECURITY INTEGRATION

$ CURRENT STATE FUTURE: STATE DIGITAL ENTERPRISE Access layer (APIs) SECURITY INTEGRATION

$ CURRENT STATE FUTURE: STATE DIGITAL ENTERPRISE Access layer (APIs) SECURITY INTEGRATION PERF/SCALE STANDARDS HOW: DIGITAL TRANSFORMATION WEB SERVICES REST MICROSERVICES TASKS (PROCESSES) DECISIONS IF IF (RULES) BUSINESS ON

488 views • 30 slides
The future of Healthy Families: Transitioning to 2014 and beyond Prepared by: Stan Dorn With

The future of Healthy Families: Transitioning to 2014 and beyond Prepared by: Stan Dorn With

THE URBAN INSTITUTE The future of Healthy Families: Transitioning to 2014 and beyond Prepared by: Stan Dorn With assistance from: Ian Hill, Genevieve Kenney, Matthew Buettgens, Fiona Adams, Caitlin Carroll, Christine Coyer, and Lisa

1.04k views • 73 slides
Current Status NNTPEXT Working Group Stan Barber, Co-Chair 12/11/2000 Status Summary

Current Status NNTPEXT Working Group Stan Barber, Co-Chair 12/11/2000 Status Summary

Current Status NNTPEXT Working Group Stan Barber, Co-Chair 12/11/2000 Status Summary Current Practices Draft became RFC 2980 (Thanks, Ned!) RFC977bis is in 12 th release since it became draft-ietf-nntp-base-XX.txt There have

418 views • 13 slides
Stan Software Ecosystem for Modern Bayesian Inference Course materials:

Stan Software Ecosystem for Modern Bayesian Inference Course materials:

Stan Software Ecosystem for Modern Bayesian Inference Course materials: rpruim.github.io/StanWorkshop/course-materials Jonah Gabry Columbia University Vianey Leos Barajas Iowa State University Why Stan? suboptimal SEO Stanislaw Ulam

630 views • 38 slides
Planning for a Sustainable Future The State of our Assets Is Value Enough? Asset Group Current

Planning for a Sustainable Future The State of our Assets Is Value Enough? Asset Group Current

Planning for a Sustainable Future The State of our Assets Is Value Enough? Asset Group Current Previous Trend Roads 100M 105M Water 75M 78M Wastewater 50M 49M Parks 60M 62M PSAB: Guidelines to Transparency

930 views • 11 slides
Highlights of the UNSD current trade statistics outputs and future work Presentation by

Highlights of the UNSD current trade statistics outputs and future work Presentation by

Highlights of the UNSD current trade statistics outputs and future work Highlights of the UNSD current trade statistics outputs and future work Presentation by Matthias Reister Chief, International Merchandise Trade Statistics Section Trade

935 views • 30 slides
BioXFEL Science: Future plans &quot;Research: Current work (?)

BioXFEL Science: Future plans &quot;Research: Current work (?)

A US Na'onal Science Founda'on Science and Technology Center . BioXFEL Science: Future plans &quot;Research: Current work (?) and Future Goals (40 min

648 views • 48 slides
CURRENT AND FUTURE TRENDS Presented by: Darci Hanning, Oregon State Library Esther Moberg,

CURRENT AND FUTURE TRENDS Presented by: Darci Hanning, Oregon State Library Esther Moberg,

CREATIVITY IN TECHNOLOGY: CURRENT AND FUTURE TRENDS Presented by: Darci Hanning, Oregon State Library Esther Moberg, Director Seaside Public Library April 17 th , 2015 DH EM CURRENT TECH SOON TO BE SHELVED EM OBSOLETE TECH CDs

1.25k views • 47 slides
Summary of Micro Grid Technologies Presentation/ The Current State and Future Prospects of DER

Summary of Micro Grid Technologies Presentation/ The Current State and Future Prospects of DER

Summary of Micro Grid Technologies Presentation/ The Current State and Future Prospects of DER Deployment At the CCREs annual conference for energy leaders, a panel comprised of Paul Murphy, Dan McGillivray and Paul Sommerville considered the

320 views • 4 slides
Automated OpenCL GPU kernel fusion for Stan Math Tadej Ciglari (presenter) * , Rok enovar,

Automated OpenCL GPU kernel fusion for Stan Math Tadej Ciglari (presenter) * , Rok enovar,

Automated OpenCL GPU kernel fusion for Stan Math Tadej Ciglari (presenter) * , Rok enovar, Erik trumbelj * Stan State-of-the-art software for Bayesian statistics. Probabilistic programming language + Math library with auto-

874 views • 15 slides
Well-balanced DG scheme for Euler equations with gravity Praveen Chandrashekar

Well-balanced DG scheme for Euler equations with gravity Praveen Chandrashekar

Well-balanced DG scheme for Euler equations with gravity Praveen Chandrashekar praveen@tifrbng.res.in Center for Applicable Mathematics Tata Institute of Fundamental Research Bangalore 560065 Higher Order Numerical Methods for Evolutionary

729 views • 55 slides
Proof Search in Minimal Logic Helmut Schwichtenberg Mathematisches Institut, Universit at M

Proof Search in Minimal Logic Helmut Schwichtenberg Mathematisches Institut, Universit at M

Proof Search in Minimal Logic Helmut Schwichtenberg Mathematisches Institut, Universit at M unchen 1 Motivation Proof carrying code (Lee, Necula) Why? Proofs are machine checkable (easily) Here: code carrying proofs Prospects:

541 views • 36 slides
Is Haskell ready for everyday computing? An informal experience report. Jeff Polakow CUFP 2008

Is Haskell ready for everyday computing? An informal experience report. Jeff Polakow CUFP 2008

Is Haskell ready for everyday computing? An informal experience report. Jeff Polakow CUFP 2008 Talk Overview My background Job background System description Points of interest Conclusions About Me Theoretical PL

426 views • 15 slides
Integrated Visualization of Network Security Metadata from Heterogeneous Data Sources Bastian

Integrated Visualization of Network Security Metadata from Heterogeneous Data Sources Bastian

Integrated Visualization of Network Security Metadata from Heterogeneous Data Sources Bastian Hellmann Trust@HsH Research Group University of Applied Sciences and Arts in Hanover July 13th 2015 GraMSec 2015 Verona, Italy Bastian Hellmann

547 views • 15 slides
Enter the Threshold The NIST Threshold Cryptography Project National Institute of Standards and

Enter the Threshold The NIST Threshold Cryptography Project National Institute of Standards and

Enter the Threshold The NIST Threshold Cryptography Project National Institute of Standards and Technology NIST Threshold Cryptography Workshop 2019 (#NTCW2019) March 11, 2019 @ NIST campus, Gaithersburg MD, USA Contact email:

1.21k views • 80 slides
Local Search Topology Implications for planner performance Mark Roberts Adele Howe Colorado

Local Search Topology Implications for planner performance Mark Roberts Adele Howe Colorado

Local Search Topology Implications for planner performance Mark Roberts Adele Howe Colorado State University Fort Collins, Colorado Hoffmanns Topological Analyses: The Taxonomy M BW4oop Mystery Mprime I M Mic-ADL N. Schedule

459 views • 9 slides
Integer-Forcing: An Algebraic Approach to Interference Management Bobak Nazer Boston University

Integer-Forcing: An Algebraic Approach to Interference Management Bobak Nazer Boston University

Integer-Forcing: An Algebraic Approach to Interference Management Bobak Nazer Boston University Thanks to Wenbo He, Engin Tunali, and Krishna Narayanan for help with the plots. Communications Theory Workshop Interference Management Session

755 views • 53 slides
Approximating Pareto Curves using Semidefinite Relaxations Victor MAGRON Postdoc LAAS-CNRS

Approximating Pareto Curves using Semidefinite Relaxations Victor MAGRON Postdoc LAAS-CNRS

Pareto Curves Parametric POP Outer Approximations of f ( S ) Perspectives Approximating Pareto Curves using Semidefinite Relaxations Victor MAGRON Postdoc LAAS-CNRS (Joint work with Didier Henrion and Jean-Bernard Lasserre) Optimisation Non

769 views • 66 slides

More recommend