an untold story of redundant clouds making your service
play

An Untold Story of Redundant Clouds: Making Your Service Deployment - PowerPoint PPT Presentation

An Untold Story of Redundant Clouds: Making Your Service Deployment Truly Reliable Ennan Zhai 1 , Ruichuan Chen 2 , David Isaac Wolinsky 1 , Bryan Ford 1 1 Yale University & 2 Bell Labs Road-Map Motivations Goal & Insight iRec


  1. Strawman Solution 3 [Xiao et al, CCSW’13] App Provider SMPC is di ffi cult to scale! SMPC Cloud Provider3 Cloud Provider1 Cloud Provider2

  2. Our Approach - iRec • The fi rst cloud independence recommender sys: - achieving our goal - preserving privacy of each cloud provider - practical

  3. Our Approach - iRec • The fi rst cloud independence recommender sys: - achieving our goal - preserving privacy of each cloud provider - practical Preliminary background: PSI-CA

  4. Preliminary: PSI-CA • Private set-intersection cardinality proposed by [Freedman et al, EuroCrypt’04]. • Allows k parties to compute the # of overlapping elements without learning other information.

  5. Preliminary: PSI-CA • Private set-intersection cardinality proposed by [Freedman et al, EuroCrypt’04]. • Allows k parties to compute the # of overlapping elements without learning other information. 11 3 3 7 10 1 PSI-CA 5 20 3

  6. Preliminary: PSI-CA • Private set-intersection cardinality proposed by [Freedman et al, EuroCrypt’04]. • Allows k parties to compute the # of overlapping elements without learning other information. 11 3 3 7 10 1 PSI-CA 5 20 3

  7. Preliminary: PSI-CA • Private set-intersection cardinality proposed by [Freedman et al, EuroCrypt’04]. • Allows k parties to compute the # of overlapping elements without learning other information. One overlapping element 11 One overlapping element 3 3 7 10 One overlapping element 1 PSI-CA 5 20 3

  8. Preliminary: PSI-CA • Private set-intersection cardinality proposed by [Freedman et al, EuroCrypt’04]. • Allows k parties to compute the # of overlapping elements without learning other information. But I do not know which element is overlapping 11 But I do not know which 3 element is overlapping 3 7 10 But I do not know which element is overlapping 1 PSI-CA 5 20 3

  9. Preliminary: PSI-CA Bob Alice 1 4 6 2 Data Set A Data Set B • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  10. Preliminary: PSI-CA Bob P = (X-12)(X-5)(X-4) Alice 1 = x 3 -21x 2 +128X-240 4 6 2 Data Set A Data Set B • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  11. Preliminary: PSI-CA Bob P = (X-12)(X-5)(X-4) Alice 1 = x 3 -21x 2 +128X-240 4 {E(1), E(-21), E(128), E(-240)} 6 2 Data Set A Data Set B • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  12. Preliminary: PSI-CA Bob P = (X-12)(X-5)(X-4) Alice 1 = x 3 -21x 2 +128X-240 4 {E(1), E(-21), E(128), E(-240)} 6 {E(P(1)), E(P(4)), E(P(6)), E(P(2))} 2 Data Set A Data Set B • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  13. Preliminary: PSI-CA Bob P = (X-12)(X-5)(X-4) Alice 1 = x 3 -21x 2 +128X-240 4 {E(1), E(-21), E(128), E(-240)} 6 {E(P(1)), E(P(4)), E(P(6)), E(P(2))} 2 Data Set A Data Set B • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  14. Preliminary: PSI-CA Bob P = (X-12)(X-5)(X-4) Alice 1 = x 3 -21x 2 +128X-240 4 {E(1), E(-21), E(128), E(-240)} 6 {E(P(1)), E(P(4)), E(P(6)), E(P(2))} 2 Data Set A Data Set B • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  15. Preliminary: PSI-CA Bob P = (X-12)(X-5)(X-4) Alice 1 = x 3 -21x 2 +128X-240 4 {E(1), E(-21), E(128), E(-240)} 6 {E(-132), E(0), E(-12), E(-60)} 2 Data Set A Data Set B • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  16. Preliminary: PSI-CA Bob P = (X-12)(X-5)(X-4) Alice 1 = x 3 -21x 2 +128X-240 4 {E(1), E(-21), E(128), E(-240)} 6 {E(-132), E(0), E(-12), E(-60)} 2 Data Set A Data Set B • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  17. Preliminary: PSI-CA P = (X-12)(X-5)(X-4) Alice = x 3 -21x 2 +128X-240 {-132, 0, -12, -60} Data Set A • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  18. Preliminary: PSI-CA Result is: 1 P = (X-12)(X-5)(X-4) Alice = x 3 -21x 2 +128X-240 {-132, 0, -12, -60} Data Set A • Alice and Bob has set A and B respectively and Alice wants to jointly compute |A B|. • Alice makes a polynomial P whose roots are the elements of data set A. • Alice encrypts the coe ffi cients of P and sends them to Bob. Note that Alice sends homomorphic encryptions of the coe ffi cients to Bob. • Bob evaluates P(B i ) for each element in data set B. • Bob returns the encrypted evaluations to Alice. • Alice decrypts it and counts the number of zeroes.

  19. Preliminary: PSI-CA One overlapping element 11 One overlapping element 3 3 7 10 One overlapping element 1 PSI-CA 5 20 3

  20. Our Approach - iRec App Provider iRec Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  21. Our Approach - iRec Select two clouds for redundancy: A&B? B&C? or A&C? App Provider iRec Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  22. Step 1 App Provider iRec Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  23. Step 2 App Provider iRec Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  24. Step 3 App Provider iRec ISP A ISP B ISP B Power A Power A Power C Power B Power B Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  25. Step 3 App Provider iRec ISP A ISP B ISP B Power A Power A Power C PSI-CA PSI-CA Power B Power B Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  26. Step 4 App Provider iRec Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  27. Step 5 Deployment | | Cloud A, C 0 Cloud B, C 1 Cloud A, B 2 App Provider Recommender Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  28. Step 5 Deployment | | Cloud A, C 0 Ranking List Cloud B, C 1 Cloud A, B 2 | | Deployment App Provider Recommender 1. Cloud A, C 0 2. Cloud B, C 1 3. Cloud A, B 2 Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  29. An Improvement Version • Di ff erent infrastructure components play di ff erent roles in the clouds • Power source might be much more likely to fail than ISPs

  30. An Improvement Version • Di ff erent infrastructure components play di ff erent roles in the clouds • Power source might be much more likely to fail than ISPs

  31. An Improvement Version • Di ff erent infrastructure components play di ff erent roles in the clouds • Power source might be much more likely to fail than ISPs • We propose an improvement version - Using Weighted PSI-CA (W-PSI-CA) to instead of PSI-CA in Step2 - No other improvement

  32. An Improvement Version • Di ff erent infrastructure components play di ff erent roles in the clouds • Power source might be much more likely to fail than ISPs • We propose an improvement version - Using Weighted PSI-CA (W-PSI-CA) to instead of PSI-CA in Step3 - No other improvement

  33. Recall: Step 3 App Provider iRec ISP A ISP B ISP B Power A Power A Power C PSI-CA PSI-CA Power B Power B Cloud A Cloud B Cloud C ISP A Power A Power B ISP B Power C

  34. Recall: Step 3 Result is 2 ISP A ISP B Power A Power A PSI-CA Power B Power B Cloud A Cloud B ISP A Power A Power B ISP B

  35. Using W-PSI-CA Cloud A Cloud B ISP A Power A Power B ISP B

  36. Using W-PSI-CA ISP A ISP B Power A Power A Power B Power B Cloud A Cloud B ISP A Power A Power B ISP B

  37. Using W-PSI-CA ISP A 1 ISP B 1 Power A 2 Power A 2 Power B 2 Power B 2 Cloud A Cloud B ISP A Power A Power B ISP B

  38. Using W-PSI-CA Weights ISP A 1 ISP B 1 Power A 2 Power A 2 Power B 2 Power B 2 Cloud A Cloud B ISP A Power A Power B ISP B

  39. Using W-PSI-CA DSI DSI ISP B ISP A ISP A 1 ISP B 1 Power A Power A Power A Power A Power A 2 Power A 2 Power B Power B Power B 2 Power B 2 Power B Power B Cloud A Cloud B ISP A Power A Power B ISP B

  40. Using W-PSI-CA DSI DSI ISP B ISP A ISP A 1 ISP B 1 Power A Power A Power A Power A Power A 2 Power A 2 Power B Power B Power B 2 Power B 2 Power B Power B Cloud A Cloud B ISP A Power A Power B ISP B

  41. Using W-PSI-CA DSI DSI ISP B ISP A Power A Power A Power A Power A PSI-CA Power B Power B Power B Power B Cloud A Cloud B ISP A Power A Power B ISP B

  42. Using W-PSI-CA Result is 4 DSI DSI ISP B ISP A Power A Power A Power A Power A PSI-CA Power B Power B Power B Power B Cloud A Cloud B ISP A Power A Power B ISP B

  43. Case Study

Recommend


More recommend