Asperathos: Running QoS-Aware Sensitive Batch Applications with Intel SGX

  • Lília Sampaio Universidade Federal de Campina Grande
  • Clenimar Souza Universidade Federal de Campina Grande
  • Gabriel Vinha Universidade Federal de Campina Grande
  • Andrey Brito Universidade Federal de Campina Grande

Resumo


The massive amount of information being generated nowadays results in the need for efficient data processing frameworks. For sensitive information, concerns also emerge regarding data integrity and confidentiality. To address such concerns, we present Asperathos, a configurable framework to automate the execution of batch applications in cloud environments while complying with QoS goals and processing potentially sensitive data. Our demonstration leverages tools such as Kubernetes and Intel SGX in a smart grid scenario, computing the power consumption from a dataset containing detailed measurements of users. We illustrate Asperathos features through the integration with both a command line and a web-based interface.

Referências

Arnautov, S., Trach, B., Gregor, F., Knauth, T., Martin, A., Priebe, C., Lind, J., Muthukumaran, D., O'Keeffe, D., Stillwell, M. L., Goltzsche, D., Eyers, D., Kapitza, R., Piet-zuch, P., and Fetzer, C. (2016). SCONE: Secure linux containers with intel SGX. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16), pages 689-703. USENIX Association.

Barbosa, M., Portela, B., Scerri, G., and Warinschi, B. (2016). Foundations of hardware-based attested computation and application to sgx. In 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pages 245-260. IEEE.

Costan, V. and Devadas, S. (2016). Intel sgx explained. Cryptology ePrint Archive, Report 2016/086. http://eprint.iacr.org/2016/086.

Evans, K., Jones, A., Preece, A., Quevedo, F., Rogers, D., Spasić, I., Taylor, I., Stankovski, V., Taherizadeh, S., Trnkoczy, J., Suciu, G., Suciu, V., Martin, P., Wang, J., and Zhao, Z. (2015). Dynamically reconfigurable workflows for time-critical appli-cations. In Proceedings of the 10th Workshop on Workflows in Support of Large-Scale Science, WORKS '15.

Li, H., Liu, J., and Tang, G. (2011). A pricing algorithm for cloud computing resources. In 2011 International Conference on Network Computing and Information Security, pages 69-73.

McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C. V., Shafi, H., Shanbhogue, V., and Savagaonkar, U. R. (2013). Innovative instructions and software model for isolated execution. In HASP@ ISCA, page 10.

Schuster, F., Costa, M., Fournet, C., Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., and Russinovich, M. (2015). Vc3: Trustworthy data analytics in the cloud using sgx. In 2015 IEEE Symposium on Security and Privacy, pages 38-54.
Publicado
06/05/2019
SAMPAIO, Lília; SOUZA, Clenimar; VINHA, Gabriel; BRITO, Andrey. Asperathos: Running QoS-Aware Sensitive Batch Applications with Intel SGX. In: SALÃO DE FERRAMENTAS - SIMPÓSIO BRASILEIRO DE REDES DE COMPUTADORES E SISTEMAS DISTRIBUÍDOS (SBRC), 2. , 2019, Gramado. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2019 . p. 89-96. ISSN 2177-9384. DOI: https://doi.org/10.5753/sbrc_estendido.2019.7774.