Institute of Operating Systems and Computer Networks

STANlite – a database engine for secure data processing at rack-scale level
IEEE International Conference on Cloud Engineering (IC2E'18)
V. A. Sartakov, N. Weichbrodt, S. Krieter, T. Leich, R. Kapitza, April 20, 2018
This work was partly supported by the DFG under priority program SPP2037
Intro

Data processing in cloud databases is common practice. It carries two risks: leakage of security-sensitive information and compromise of the data processing itself.

Mechanisms of prevention:
- Own trusted infrastructure
- Secure processors
- Homomorphic encryption
- Intel Software Guard eXtensions (SGX): trusted execution in untrusted environments
Trusted execution in untrusted environments

[Figure: trusted computing base (TCB) of the stack App. / Operating System / Hypervisor / Hardware, shown without an enclave and with an enclave]

SGX enclaves – new system entities:
- Located in user space
- Physical pages are encrypted
- Cannot be accessed by devices or software

⇒ Trusted execution on commodity hardware
Programming of enclaves

Challenges:
- Software should be self-contained and fully located inside an enclave: no dependencies
- Some instructions are forbidden: no system calls
- ECalls and OCalls – expensive switching mechanisms between trusted and untrusted modes: at least 50 times slower than a system call [1, 2]
- Paging
Enclave Page Cache (EPC) limit

[Figure: memset speed (MiB/sec) against memset chunk size (MiB), with the 92 MiB EPC limit marked; annotated values 244.8 and 35.3]

- ~92 MiB are available
- Beyond that, heavyweight paging:
  - Involves the kernel
  - Threads should exit
  - Encryption/decryption
  - Integrity protection
STANlite

STANlite: a secure database for data processing in clouds
- Built on top of SGX enclaves
- Processes large volumes of data without paging
- ECall-free high-performance communication over Remote Direct Memory Access (RDMA)
Agenda
- Design of STANlite
- Implementation of key components
- Evaluation
- Related works
- Conclusion
STANlite

[Figure: process virtual memory from 0x0 to 0xff..f; the enclave (92 MiB in size) holds the database engine, heap and content, while evicted pages lie outside it]

- Enclaved software can access untrusted memory
- The database can manage its own pages: swap in and swap out on request
- Keep frequently used content inside the enclave
- Evict rarely used content in encrypted form
- Fix the memory layout to prevent the heavyweight paging

⇒ Special Virtual Memory Engine (VME)
Architecture

[Figure: client ↔ SQL engine inside the enclave; the Virtual Memory Engine moves chunks C0–C5 between the Warm Store and the Cold Store, encrypting on write and decrypting on read]

VME components:
- Warm Store
- Cold Store
- Communication Layer

Swapping:
- Least Recently Used list
- Encryption/Decryption
- Hash sums for rollback attack prevention
The basis

SQLite as SQL engine:
- Low footprint
- Read/write semantic

VME integration:
- Disabled pager
- Three VME modes

[Figure: SQLite stack (Core: Interface, SQL command processor, Virtual Machine; Backend: B-Tree, Pager, OS Interface) beside the STANlite stack, which adds a communication layer, disables the pager and places the VME at the OS interface level]
VME mode: Integrity and Confidentiality (Integrity)

[Figure: enclave with SQL engine and VME; on write, chunk C4 is encrypted and stored in the Cold Store; on read, chunk C1 is taken from the Cold Store and decrypted]

VME mode: +Cache (Caching)

[Figure: a Warm Store is added inside the enclave; writes (C4) and reads (C3) go through the Warm Store; chunks are encrypted when moved to the Cold Store (C1) and decrypted when brought back (C5)]

VME mode: +Fetch (Fetching)

[Figure: encrypted chunks (C4, C5, C1) are fetched from the Cold Store into the enclave, and C1 is decrypted when the engine needs it]
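The VME slides above (Warm Store, Cold Store, LRU swapping with encryption and hash sums against rollback) and the Integrity and Caching modes lend themselves to a small runnable model. The Go program below is an added example and is not STANlite's code: warm pages stand in for enclave memory and a cold store for untrusted host memory. AES-GCM, SHA-256 digests, the counter nonce and binding the page number as associated data are this example's own choices; the slides only say "encryption/decryption" and "hash sums". The Fetch mode is not modelled.

```go
package main

import (
	"bytes"
	"container/list"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

var ErrRollback = errors.New("rollback detected: cold page missing or differs from trusted digest")

// VME is a constructed model, not STANlite's code: warm pages stand in for
// enclave memory, the cold store for untrusted host memory.
type VME struct {
	aead    cipher.AEAD
	warmCap int                       // 0 = Integrity and Confidentiality mode (no cache)
	evicts  uint64                    // trusted eviction counter, used as the GCM nonce
	lru     *list.List                // trusted: page numbers, front = most recently used
	warm    map[int]*list.Element     // trusted: page number -> LRU element
	pages   map[int][]byte            // trusted: plaintext of warm pages
	cold    map[int][]byte            // untrusted: nonce || ciphertext per page
	digests map[int][sha256.Size]byte // trusted: SHA-256 of each cold copy
}

// NewVME draws a fresh key that never leaves the trusted side.
func NewVME(warmCap int) (*VME, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil { return nil, err }
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	aead, err := cipher.NewGCM(block)
	if err != nil { return nil, err }
	return &VME{aead: aead, warmCap: warmCap, lru: list.New(), warm: map[int]*list.Element{},
		pages: map[int][]byte{}, cold: map[int][]byte{}, digests: map[int][sha256.Size]byte{}}, nil
}

// evict seals a warm page (counter nonce, page number as associated data) and
// records the ciphertext digest on the trusted side for later rollback checks.
func (v *VME) evict(no int) {
	v.evicts++
	nonce := make([]byte, v.aead.NonceSize())
	binary.BigEndian.PutUint64(nonce[len(nonce)-8:], v.evicts)
	sealed := v.aead.Seal(nonce, nonce, v.pages[no], []byte(fmt.Sprint(no)))
	v.cold[no], v.digests[no] = sealed, sha256.Sum256(sealed)
	delete(v.pages, no)
}

// Write puts a page at the LRU front and evicts from the back while the warm
// store is over capacity (immediately when warmCap is 0).
func (v *VME) Write(no int, data []byte) {
	v.pages[no] = append([]byte(nil), data...)
	if el, ok := v.warm[no]; ok { v.lru.Remove(el) }
	v.warm[no] = v.lru.PushFront(no)
	for v.lru.Len() > v.warmCap {
		victim := v.lru.Remove(v.lru.Back()).(int)
		delete(v.warm, victim)
		v.evict(victim)
	}
}

// Read returns a page, swapping it in from the cold store if needed. A replayed
// older cold copy still decrypts under AES-GCM but fails the digest check.
func (v *VME) Read(no int) ([]byte, error) {
	if el, ok := v.warm[no]; ok {
		v.lru.MoveToFront(el)
		return v.pages[no], nil
	}
	sealed, ok := v.cold[no]
	if !ok || sha256.Sum256(sealed) != v.digests[no] { return nil, ErrRollback }
	ns := v.aead.NonceSize()
	pt, err := v.aead.Open(nil, sealed[:ns], sealed[ns:], []byte(fmt.Sprint(no)))
	if err == nil { v.Write(no, pt) }
	return pt, err
}

// Demo runs the caching mode with one warm page: evicted page 0 must round-trip
// intact, and a stale sealed copy of it, replayed by the untrusted side after a
// newer version was sealed, must be rejected.
func Demo() (roundTrip, rollbackDetected bool, err error) {
	v, err := NewVME(1)
	if err != nil { return }
	page := func(b byte) []byte { return bytes.Repeat([]byte{b}, 64) } // 64-byte demo pages
	v.Write(0, page('A'))
	v.Write(1, page('B'))                      // over capacity: page 0 is sealed
	stale := append([]byte(nil), v.cold[0]...) // the untrusted side keeps that copy
	got, err := v.Read(0)                      // swapped back in; page 1 is evicted
	if err != nil { return }
	roundTrip = bytes.Equal(got, page('A'))
	v.Write(0, page('a')) // newer content for page 0 ...
	v.Write(2, page('C')) // ... sealed as page 0 is evicted again
	v.cold[0] = stale     // replay of the old sealed copy
	_, err = v.Read(0)
	if rollbackDetected = errors.Is(err, ErrRollback); rollbackDetected { err = nil }
	return
}

func main() { fmt.Println(Demo()) }
```

Running the program prints `true true <nil>`: the evicted page decrypts correctly, and the replayed stale copy is refused by the digest check even though AES-GCM alone would accept it as a genuine ciphertext for page 0, which is why per-page authenticated encryption is not enough on its own and the slides list hash sums separately. A warmCap of 0 gives the cacheless Integrity and Confidentiality mode, where every write is sealed at once and every read decrypts on demand. The digest table in this model lives only in memory, so it protects freshness for one running instance; surviving a restart would need the table itself to be stored in a rollback-protected way.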