Secure Tera-scale Data Crunching with a Small TCB - PowerPoint PPT Presentation


  1. Secure Tera-scale Data Crunching with a Small TCB. Bruno Vavala (UL / CMU), Nuno Neves (UL), Peter Steenkiste (CMU). 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'17)

  2. Goal: delivering security guarantees for generic and large-scale data processing on untrusted hosts with a small TCB.

  3. Goal, "security guarantees": trusted-hardware-based data integrity.

  4. Goal, "large-scale": 1 TB of data.

  5. Goal, "small TCB": small code, small interface, no HW devices.

  6. Some use cases: public cloud service provider.

  7. Some use cases: public cloud service provider; computational genomics (0.3 TB per genome).

  8. …more generally…

  9. Model: parties P, S and V, plus a trusted hardware module.

  10. Model: 1. provide state authentication data; 2. outsource large state.

  11. Model (cont.): 3. send request.

  12. Model (cont.): 4. execute command.

  13. Model (cont.): 5. receive authenticated reply. In full: 1. provide state authentication data; 2. outsource large state; 3. send request; 4. execute command; 5. receive authenticated reply.

  14. Outline • Goal • Previous Work • Our solution: key ideas and overview • Evaluation

  15. Outline • Goal • Previous Work • Our solution: key ideas and overview • Evaluation

  16. Haven (OSDI'14): (-) designed for Intel SGX; (-) large TCB (due to the libOS); (-) 10s of new interface calls; (+) works with unmodified applications. [Diagram: service and libOS inside the enclave, enclave interface, picoprocess, VHD, host OS.]

  17. VC3 (IEEE S&P'15): (-) designed for Intel SGX; (-) specific for Hadoop; (+) small TCB; (+) data confidentiality; (+) can run unmodified Hadoop applications. [Diagram: map & reduce functions and job execution protocol inside the enclave, narrow interface, process, host OS.]

  18. A Niche in the State of the Art

      | System | Small TCB | Large State | Interface calls | App Specific | Trusted Computing arch. |
      | Haven (OSDI'14) | No | Yes | tens | No | SGX |
      | VC3 (S&P'15) | Yes | Yes | R,W | Yes (MapReduce workloads) | SGX |
      | XMHF-TrustVisor (S&P'13,'10) | Yes | No | none (but Minibox has tens) | No | TPM / TXT |
      | LaSt-GT | Yes | Yes | zero! | No | TV & SGX |

  19. Outline • Goal • Previous Work • Our solution: key ideas and overview • Evaluation

  20. Scenario: two execution environments, an untrusted env. and a trusted env.

  21. App's execution flow: the service code is running.

  22. App's execution flow: access data in block b_i; is b_i in memory? The service code accesses data in memory.

  23. App's execution flow: is b_i in memory? Yes: keep going. When data is available, there are no interruptions.

  24. App's execution flow: is b_i in memory? No: handle page fault, load data. Otherwise, the service is interrupted and data memory pages are loaded.

  25. App's execution flow: load data, then validate data (trusted env.). Data is validated inside the trusted environment, independently from service execution.

  26. App's execution flow: validate data, then resume. The service is resumed, and only if the data is valid can the service make progress.

  27. …in practice…

  28. Architecture. Trusted address space: service code, state, SMM handler (State map manager). Untrusted address space: other untrusted services. Underneath: OS, Supervisor, SGX/TPM hardware.

  29. Architecture (cont.): on TrustVisor, the Supervisor is trusted; on SGX, the Supervisor is untrusted.

  30. LaSt-GT in 5 steps: • Offline data protection at the source • State registration • Data processing • Lazy loading from memory & disk • Execution verification

  31. Step 1: Offline data protection at the source.

  32. Data protection: hierarchical. Made for: incremental protection as data is created; incremental validation as data is loaded; fast verification. A single hash tree is unsuitable. [Figure: tree size (bytes, 2^10 to 2^30) vs. state size (bytes, 2^20 to 2^40) for several bytes/block settings (e.g. 2^10, 2^15); with a bit-string illustration of the hierarchy.]

  33. State hierarchy: state root → directory → masterchunks → chunks → blocks (files).

  34. State hierarchy: components are loaded separately; unneeded components are not loaded in memory; the state root (1 hash) allows state validation.

  35. Step 2: State registration.

  36. State registration: when the trusted execution environment is created, only the code (service code and SMM handler) is available inside the trusted address space.

  37. State registration: grab the root from disk.

  38. State registration: registration is the first execution; the state handler installs the root; the root is trusted.

  39. State registration: the state root is available before the service code runs.

  40. Step 3: Data processing.

  41. Data processing: the service code has a view of the entire state (data pages available and NOT available), but the state is not readily available: loading it upfront is inefficient.

  42. Data processing, page hit on access: service code execution begins; the service accesses data in memory; data retrieval is fast if the data is already available.

  43. Data processing, page miss on access: the service code may access data on missing pages.

  44. Data processing, page fault: a page fault is triggered; execution is interrupted, seamlessly waiting to continue.

  45. Step 4: Lazy loading from memory & disk.

  46. Lazy loading: page fault!

  47. Lazy loading: let the SMM handle the missing data; the SMM grabs the state component from disk (for the faulting page address).

  48. Lazy loading, validate data: in TrustVisor, validate in place; in SGX, copy, validate, copy.

  49. Lazy loading: if the Supervisor is trusted, invalid data => no resume (e.g. TrustVisor); if the Supervisor is untrusted, invalid data => no accept, so no access (e.g. SGX).

  50. Lazy loading: fault solved, data accessible on resume (page hit on access); continue…
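The state hierarchy of slides 32-34 and the fault / load / validate / resume loop of slides 46-50, as an added Python example that is not from the paper or the LaSt-GT implementation. The block, chunk and masterchunk sizes, the `UntrustedHost` and `TrustedEnv` classes, the sample files and what authentication data travels with a loaded chunk are all constructed assumptions; the real system validates pages inside TrustVisor or SGX, which this toy models with plain Python objects.

```python
import hashlib

# Constructed toy sizes; the deck's real blocks are 2^10..2^40 bytes.
BLOCK = 4     # bytes per block
CHUNK = 2     # blocks per chunk
MCHUNK = 2    # chunks per masterchunk


def h(*parts: bytes) -> bytes:
    m = hashlib.sha256()
    for p in parts:
        m.update(p)
    return m.digest()


def group(items, n):
    return [items[i:i + n] for i in range(0, len(items), n)]


def protect(files: dict[str, bytes]):
    """Step 1 (offline, at the source): hash the state bottom-up,
    blocks -> chunks -> masterchunks -> files (directory) -> state root.
    Returns (root, directory, auth); directory and auth are the state
    authentication data handed to the untrusted host."""
    auth, directory = {}, {}
    for name in sorted(files):
        block_h = [h(b) for b in group(files[name], BLOCK)]
        chunk_h = [h(*g) for g in group(block_h, CHUNK)]
        mchunk_h = [h(*g) for g in group(chunk_h, MCHUNK)]
        auth[name] = (chunk_h, mchunk_h)
        directory[name] = h(*mchunk_h)
    root = h(*(n.encode() + fh for n, fh in sorted(directory.items())))
    return root, directory, auth


class UntrustedHost:
    """Disk and memory outside the TCB: data and auth data may be corrupted."""
    def __init__(self, files, directory, auth):
        self.files, self.directory, self.auth = files, directory, auth

    def fetch_chunk(self, name, ci):
        """Return chunk ci's bytes plus the hashes needed to validate it up to
        the root (what a 'state component' carries here is an assumption)."""
        size = CHUNK * BLOCK
        chunk_h, mchunk_h = self.auth[name]
        mi = ci // MCHUNK
        return self.files[name][ci * size:(ci + 1) * size], {
            "chunk_siblings": chunk_h[mi * MCHUNK:(mi + 1) * MCHUNK],
            "mchunk_hashes": mchunk_h,
            "directory": self.directory,
        }


class TrustedEnv:
    """Trusted address space: service code, the registered root, SMM handler."""
    def __init__(self, host):
        self.host, self.root = host, None
        self.memory = {}         # (file, chunk) -> validated bytes
        self.validated = set()   # hashes already authenticated (incremental validation)

    def register(self, root):
        # Step 2: registration is the first execution; the root is installed and trusted.
        self.root = root

    def _validate(self, name, ci, data, a):
        """Hash upwards from the loaded chunk and stop at the first ancestor
        already authenticated; a fresh environment goes all the way to the root."""
        chunk_hash = h(*(h(b) for b in group(data, BLOCK)))
        if chunk_hash in self.validated:
            return True
        mi, ri = divmod(ci, MCHUNK)
        if a["chunk_siblings"][ri] != chunk_hash:
            return False
        mchunk_hash = h(*a["chunk_siblings"])
        if mchunk_hash not in self.validated:
            if a["mchunk_hashes"][mi] != mchunk_hash:
                return False
            file_hash = h(*a["mchunk_hashes"])
            if file_hash not in self.validated:
                if a["directory"].get(name) != file_hash:
                    return False
                root = h(*(n.encode() + fh for n, fh in sorted(a["directory"].items())))
                if root != self.root:
                    return False
                self.validated.update(a["directory"].values())
            self.validated.update(a["mchunk_hashes"])
        self.validated.update(a["chunk_siblings"])
        return True

    def access(self, name, ci):
        """Steps 3-4: a page hit is served from memory; a page miss faults into
        the SMM handler, which loads from disk and validates before resuming."""
        key = (name, ci)
        if key in self.memory:                              # page hit
            return self.memory[key]
        data, auth = self.host.fetch_chunk(name, ci)        # page fault: SMM loads
        if not self._validate(name, ci, data, auth):        # invalid => no accept, no access
            raise PermissionError(f"invalid data for {key}")
        self.memory[key] = data                             # fault solved: resume
        return data


# Constructed sample state: two small files.
FILES = {"genome.bin": bytes(range(32)), "index.bin": b"ABCDEFGHIJKLMNOP"}


def demo():
    root, directory, auth = protect(FILES)
    env = TrustedEnv(UntrustedHost(dict(FILES), directory, auth))
    env.register(root)
    served = env.access("genome.bin", 3) == FILES["genome.bin"][24:32]
    env.host.files["index.bin"] = b"ABCDEFGHXJKLMNOP"        # host corrupts block 2
    try:
        env.access("index.bin", 1)
        rejected = False
    except PermissionError:
        rejected = True
    still_ok = env.access("index.bin", 0) == b"ABCDEFGH"    # untouched chunk still valid
    return served, rejected, still_ok
```

The `validated` set is what makes validation incremental: the first fault on a file walks up to the registered root, and once the directory and a masterchunk are authenticated, later faults on neighbouring chunks stop at those cached hashes instead of re-hashing the whole path. The corrupted chunk is refused before it is mapped into `memory`, so the service never observes it.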

  51. Step 5: Execution verification: HW-based attestation of code identity, including input request, state root, output reply and nonce. The client checks the validity of the attestation and the intended identities/hashes.
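The client-side check of slide 51, as an added Python example that is not from the paper or its implementation. A real TPM or SGX attestation is signed by a hardware-rooted key; to stay offline this example substitutes an HMAC under a constructed `HW_ATTESTATION_KEY`, and the report fields, the `Client` class, the sample service and the request strings are all assumptions made here.

```python
import hashlib
import hmac
import json
import os

# Constructed stand-in for the hardware's attestation key (a real quote
# is signed by a hardware-rooted key; HMAC keeps the example self-contained).
HW_ATTESTATION_KEY = b"constructed-hw-attestation-key"


def sha(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def hw_attest(code, request, state_root, reply, nonce):
    """Trusted hardware side: bind code identity, input request, state root,
    output reply and the client's nonce into one authenticated report."""
    report = {
        "code_hash": sha(code),
        "request_hash": sha(request),
        "state_root": state_root.hex(),
        "reply_hash": sha(reply),
        "nonce": nonce.hex(),
    }
    msg = json.dumps(report, sort_keys=True).encode()
    return report, hmac.new(HW_ATTESTATION_KEY, msg, hashlib.sha256).hexdigest()


class Client:
    """Knows the intended code identity and state root; issues fresh nonces."""
    def __init__(self, expected_code, expected_root):
        self.code_hash, self.root = sha(expected_code), expected_root.hex()
        self.pending = {}   # nonce -> hash of the request it was issued for

    def make_request(self, request):
        nonce = os.urandom(16)
        self.pending[nonce.hex()] = sha(request)
        return request, nonce

    def verify(self, report, tag, reply):
        msg = json.dumps(report, sort_keys=True).encode()
        expected = hmac.new(HW_ATTESTATION_KEY, msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(tag, expected):
            return False, "bad attestation signature"
        req_hash = self.pending.pop(report["nonce"], None)   # consume: replays fail
        if req_hash is None:
            return False, "unknown or replayed nonce"
        if report["request_hash"] != req_hash:
            return False, "reply is for a different request"
        if report["code_hash"] != self.code_hash:
            return False, "unexpected code identity"
        if report["state_root"] != self.root:
            return False, "unexpected state root"
        if report["reply_hash"] != sha(reply):
            return False, "reply does not match attestation"
        return True, "ok"


# Constructed service: the "code" is just a byte string; it answers with a length count.
SERVICE_CODE = b"constructed service binary"
STATE_ROOT = hashlib.sha256(b"constructed registered state").digest()


def run_service(request: bytes) -> bytes:
    return b"count=" + str(len(request)).encode()


def demo():
    client = Client(SERVICE_CODE, STATE_ROOT)
    req, nonce = client.make_request(b"grep GATTACA genome.bin")
    reply = run_service(req)
    report, tag = hw_attest(SERVICE_CODE, req, STATE_ROOT, reply, nonce)
    results = [client.verify(report, tag, reply)[1]]           # fresh and consistent
    results.append(client.verify(report, tag, reply)[1])       # same report replayed
    req2, nonce2 = client.make_request(b"grep GATTACA genome.bin")
    report2, tag2 = hw_attest(SERVICE_CODE, req2, STATE_ROOT, reply, nonce2)
    results.append(client.verify(report2, tag2, b"count=0")[1])  # host swapped the reply
    req3, nonce3 = client.make_request(b"q")
    out3 = run_service(req3)
    report3, tag3 = hw_attest(b"other code", req3, STATE_ROOT, out3, nonce3)
    results.append(client.verify(report3, tag3, out3)[1])      # wrong code identity
    return results
```

Every field the slide lists is checked, and the nonce is consumed on first use, so an untrusted host that replays an old report, substitutes a reply, or runs different code gets a distinct rejection reason rather than an accepted result.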

  52. Outline • Goal • Previous Work • Our solution: key ideas and overview • Implementation(s) • Evaluation
