Steven Y. Ko (SUNY at Buffalo), Kyungho Jeon (SUNY at Buffalo), - - PowerPoint PPT Presentation

▶

Apr 11, 2024 326 likes •451 views

Steven Y. Ko (SUNY at Buffalo), Kyungho Jeon (SUNY at Buffalo), Ramses Morales (Xerox Research Center Webster) What if we dont trust clouds? Or more specifically, To what extent can we utilize clouds with partial trust? 2 Some

SLIDE 1

Steven

Y. Ko (SUNY at Buffalo),

Kyungho Jeon (SUNY at Buffalo), Ramses Morales (Xerox Research Center Webster)

SLIDE 2

 What if we don’t trust clouds?

Or more specifically,

 To what extent can we utilize clouds with

partial trust?

SLIDE 3

 Some people just don’t trust.

SLIDE 4

 Threats do exist.

Research: A. Armando et al. (ACM FMSE,

2008), T. Ristenpart et al. (ACM CCS, 2009), etc.

Media

SLIDE 5

 However, cloud computing offers benefits.  Elasticity: dynamic scale-up and down  Pay-as-you-go: less (or no) up-front infra

investment

 (Arguably) better maintenance &

availability

 Etc.

SLIDE 6

 Some people don’t trust clouds, threats

do exist, but there are benefits.

 Can we still utilize clouds without full

trust? If so, to what extent?

SLIDE 7

 (Typically) forced to choose between

extremes

Full Trust Full Utilization No Trust No Utilization What’s in the middle???

SLIDE 8

 HybrEx is one (or our very first) attempt.

Question: what if the only concern is

confidential or private data leakage? How much can we still utilize clouds?

SLIDE 9

 Partitioning & info. flow tracking (tainting)

Public Cloud Private Cloud HybrEx Storage HybrEx Execution Framework Internet App Disk

SLIDE 10

 Why?

A good start: popular, relatively easy to

partition (massively-parallel)

Public Cloud Private Cloud

Map Reduce

SLIDE 11

 Applications

Opportunities do exist (e.g., PigLatin & Hive)

 Declassification – how to enable private to

public shuffle?

New sanitize phase

 Performance – “wide-area MapReduce”

Catch: we’re adding resources
Localize communication whenever possible

 Integrity checking – how to verify

computation correctness

Random insertion of “inspection points”

SLIDE 12

Steven

Kyungho Jeon (SUNY at Buffalo), Ramses Morales (Xerox Research Center Webster)

 What if we don’t trust clouds?

Or more specifically,

 To what extent can we utilize clouds with

partial trust?

 Some people just don’t trust.

 Threats do exist.

2008), T. Ristenpart et al. (ACM CCS, 2009), etc.

 However, cloud computing offers benefits.  Elasticity: dynamic scale-up and down  Pay-as-you-go: less (or no) up-front infra

investment

 (Arguably) better maintenance &

availability

 Etc.

 Some people don’t trust clouds, threats

do exist, but there are benefits.

 Can we still utilize clouds without full

trust? If so, to what extent?

 (Typically) forced to choose between

extremes

Full Trust Full Utilization No Trust No Utilization What’s in the middle???

 HybrEx is one (or our very first) attempt.

confidential or private data leakage? How much can we still utilize clouds?

 Partitioning & info. flow tracking (tainting)

Public Cloud Private Cloud HybrEx Storage HybrEx Execution Framework Internet App Disk

 Why?

partition (massively-parallel)

Public Cloud Private Cloud

Map Reduce

 Applications

 Declassification – how to enable private to

public shuffle?

 Performance – “wide-area MapReduce”

 Integrity checking – how to verify

computation correctness

 Please come find me for more details!

Full Trust Full Utilization No Trust No Utilization What’s in the middle???