A Blockchain based Witness Model for Trustworthy Cloud Service Level - PowerPoint PPT Presentation

A Blockchain based Witness Model for Trustworthy Cloud Service Level Agreement Enforcement Huan Zhou , Xue Ouyang, Zhijie Ren, Jinshu Su, Cees de Laat, Zhiming Zhao Paris 1/May/2019

Outline • Cloud SLA / Blockchain: background and challenges • Witness Model Design and Key Techniques to Ensure Trustworthiness • Witness Management and Unbiased Random Selection • Payoff Function Design and Nash Equilibrium • Witness Audit Mechanism • Experimental Study • Conclusions

What is Cloud SLA? Cloud SLA (Service Level Agreement) is a business concept which defines the contractual and financial agreements between the Cloud customer and Framework provider . Cloud Service Provider � Cloud Service Customer �

What is Cloud SLA? Cloud SLA (Service Level Agreement) is a business concept which defines the contractual and financial agreements between the Cloud customer and Framework provider . Cloud Service Provider � Cloud Service Customer � Example: A Cloud customer, C , buys a VM (Virtual Machine), X , from an IaaS Cloud provider, P , for one hour. They make an agreement: in this one hour, - If the VM, X , does not crash, C à P 1000 credits. (payment) - If the VM, X , crashes, C à P 500 credits. (compensation) 4 4

What is Cloud SLA? Cloud SLA (Service Level Agreement) is a business concept which defines the contractual and financial agreements between the Cloud customer and Framework provider . Cloud Service Provider � Provider is in a centralized and dominating position: - Less fair; Cloud Service Consumer � - Lack of violation proof; Example: - Manual enforcement. A cloud customer, C , buys a VM (Virtual Machine), X , from an IaaS Cloud provider, P , for one hour. They make an agreement: in this one hour, - If the VM, X , does not crash, C à P 1000 credits. (payment) - If the VM, X , crashes, C à P 500 credits. (compensation) 5 5

What is Cloud SLA? Cloud SLA (Service Level Agreement) is a business concept which defines the contractual and financial agreements between the Cloud customer and Framework provider . Cloud Service 1. How to ensure the fairness of the provider and customer in the Provider � agreement? Centralized provider: 2. Who and how to detect and prove the SLA violation? Less fair; Cloud Service Consumer � 3. How to automate the process of payment and especially the Lack of violation proof, compensation? Example: Manual enforcement A cloud customer, C , buys a VM (Virtual Machine), X , from an IaaS Cloud provider, P , for one hour. They make an agreement: in this one hour, - If the VM, X , does not crash, C à P 1000 credits. (payment) - If the VM, X , crashes, C à P 500 credits. (compensation) 6 6

Blockchain: decentralized and immutable ledger • Blockchain is a technique, which makes every participant having consensus on a decentralized ledger, e.g., through PoW (Proof of Work). • Bitcoin is the first generation application of blockchain, from 2009. Block 12 Block 10 Block 11 Prev_Hash Timestamp Prev_Hash Timestamp Prev_Hash Timestamp Tx_Root Nounce Tx_Root Nounce Tx_Root Nounce Hash01 Hash23 Alice Sender Address transfer x tokens Hash2 Amount Hash0 Hash1 Hash3 Tx3 Receiver Address Bob Tx0 Tx2 Tx1 7 Transaction View

Blockchain: smart contract • Ethereum is the second generation blockchain, from 2015. • It proposes EVM (Ethereum Virtual Machine), which is a set of byte values to represent a virtual machine state. • Ethereum works as a world-wide computer. The program running on this computer is named as Smart Contract . Block 12 Block 10 Block 11 Prev_Hash Timestamp Prev_Hash Timestamp Prev_Hash Timestamp Tx_Root Nounce Tx_Root Nounce Tx_Root Nounce Hash3 EVM State: S’ EVM State: S Tx3 Alice ADDRESS: ADDRESS: CODE: Sender Address 741F7A3 741F7A3 Withdraw() BALANCE: BALANCE: Tx3 invoke 12 ETH 10 ETH { Interface X [CODE……..] [CODE……..] if (sender.adddr == Alice) STORAGE: STORAGE: sender.transfer( 2 ); Receiver Address [0,100,0,A] [0,100,ETH,A] } 8 Transaction View Smart Contract

OpportuniHes: automa1on A Cloud customer, C , buys a VM (Virtual Machine), X , from an IaaS Cloud provider, P , for one hour. They make an agreement: in this one hour, - If the VM, X , does not crash, C à P 1000 credits. (payment) - If the VM, X , crashes, C à P 500 credits. (compensation) Customer invokes this Payment interface Payment() Smart Contract CODE: { if( ! X .violated ) C .transfer( P , 1000) else C .transfer( P , 500) }

Challenges: viola1on detec1on? Real-world event Who provides the informa1on and data? Off-chain Events On-chain Transac1ons (e.g. service viola1on) (e.g. viola1on detec1on) Is it trustworthy ? What is the weather today? In the context of Cloud SLA, who can be the judge to convince both, the provider and customer, that the service violation really happens? How ?

Current soluHon: oracle Who? Oracle : Perform as “Data Carrier” Off-chain Events On-chain Transac1ons Is it trustworthy ? Distributed oracles Third trusted party Orisi SoNware Oracle Hardware Oracle For oracles: • Require them independent and trustworthy; • No incen1ve; • Must trust the third party; • Consensus issue; • Single point of failure;

Our proposal: decentralized witness model SLA Smart Contract Cloud Service Customer � Cloud Service Provider �

Our proposal: decentralized witness model … Witness � w 2 � w N � w 1 � report � M -out-of- N reports? violated? � SLA Smart Contract Cloud Service Customer � Cloud Service Provider �

Our proposal: decentralized witness model … Witness � w 2 � rewards � w N � w 1 � come from the deposit of provider and customer � SLA Smart Contract Cloud Service Customer � Cloud Service Provider �

How does it work in Cloud SLA … Decentralized Witnesses 4a Witness Monitor Rewards Report 4b 5 Enforce the violation corresponding fees Service Fee Publish Service Detail and Provider 2b 2a Setup SLA Cloud Provider provision SLA Cloud Service Smart Contract Compensation Fee Off-chain 3b 1 negotiation Accept SLA (possible happening) On-chain 3a Test and adopt interaction Off-chain interaction Cloud Customer

How does it work in Cloud SLA How to motivate the How the witnesses are … witness to tell the truth managed and selected Decentralized Witnesses about the service to be independent? violation detection? 4a Witness Monitor Rewards Report 4b 5 Enforce the violation corresponding fees Service Fee Publish Service Detail and Provider 2b 2a Setup SLA Cloud Provider provision SLA Cloud Service Smart Contract Compensation Fee Off-chain 3b 1 negotiation Accept SLA (possible happening) On-chain 3a Test and adopt interaction Off-chain interaction Cloud Customer

Decentralized Witnesses Pool U 1 � ID: 0x9a6baf8cb84cc3614f544fbb8c15e89e5a9311f2 State: Online/Offline/… register � U 2 � ID: 0x2e5727a1ae83f0c885e62b62b5561a1456b4bb65 State: Online/Offline/… Any … Witness-Pool Witnesses Blockchain User � Smart Contract Pool � U T � Some deposits for resisting ID: 0x4cee3a18a79ee7ce25f35bb7a8606e3a2131fd82 Sybil attack � State: Online/Offline/…

Unbiased Random SelecHon Procedure seed = H i +1 +H i +2 + … +H i + j +1 U 1 � FOR x = seed %T+1 check U x reputation 0x9a6baf8cb… Provider/Customer check U x state (online?) invokes � w 1 � seed = Hash( seed ) END FOR U 2 � RETURN N selected witnesses 0x2e5727a1… w 2 � … … Witness Witnesses Witness-Pool Committee Pool � Smart Contract ( W ) � U T � w N N > 2 0x4cee3a18… 1 Request � 3 Selection � 2 Wait for new j blocks generated � Block B i Block B i+1 Block B i+j H i-1 � H i � H i+1 � H i+j+1 � Prev_Hash Timestamp Prev_Hash Timestamp Prev_Hash Timestamp … Tx_Root Nounce Tx_Root Nounce Tx_Root Nounce Underlying Blockchain

Witness-as-a-Game Strategic Form Game with Complete Information Witness Committee ( W ) � ( r ) σ k : w k R eport the service violation to the smart contract … Actions: � ( s ) σ k Players: � w 1 � w 2 � w N � : w k do not report and keep S ilence to the smart contract π k ( σ k , σ − k ) : rewards of w k in this Payoff function � report � strategy profile (1 < N /2 < M < N) M -out-of- N reports? violated? � SLA Smart Contract Cloud Service Customer � Cloud Service Provider �

Payoff: witness incen1ve model Witness Committee ( W ) � ( r ) W report : ∀ w k ∈ W report , σ k = σ k … ( s ) W silence : ∀ w k ∈ W silence , σ k = σ k w 1 � w 2 � w N � report � M -out-of- N reports? (1 < N /2 < M < N) SLA Smart Contract Cloud Service Customer � Cloud Service Provider � no � W report ≥ M ? yes � violated � not violated � Payoff function � ( r ) , σ − k ) = 10 ( r ) , σ − k ) = − 1 ∀ w k ∈ W report , π k ( σ k ∀ w k ∈ W report , π k ( σ k ( s ) , σ − k ) = 0 ( s ) , σ − k ) = 1 ∀ w k ∈ W silence , π k ( σ k ∀ w k ∈ W silence , π k ( σ k