Trusted Heterogeneous Disaggregated Architectures
Authors: 
Atsushi Koshiba, Felix Gust, Julian Pritzi, Anjo Vahldiek-Oberwagner, Nuno Santos, Pramod BhatotiaAuthors Info & Claims
Pages 72 - 79
Abstract
The rising performance demands and increasing heterogeneity in cloud data centers lead to a paradigm shift in the cloud infrastructure, from monolithic servers to a disaggregated architecture. In a multi-tenant cloud, users should be able to leverage trusted computing to protect their applications from untrusted parties. While Trusted Execution Environments (TEEs) are a well-known technique to realize trusted computing on monolithic servers, we cannot adopt existing TEE technologies to the disaggregated architecture due to their distributed nature and heterogeneity of devices. To address these challenges, we propose trusted heterogeneous disaggregated architectures, which allows cloud users to construct virtual TEEs (vTEEs): TEE-based, secure, isolated environments assembled with any combination of disaggregated components.
References
[1]
M. Arrimar, M. Washha, G. S. Ramachandran, and B. Crispo. slimIoT: Scalable Lightweight Attestation Protocol For the Internet of Things.
[2]
N. Asokan, F. Brasser, A. Ibrahim, A.-R. Sadeghi, M. Schunter, G. Tsudik, and C. Wachsmann. SEDA: Scalable Embedded Device Attestation. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS '15, pages 964--975. Association for Computing Machinery.
[3]
A. Baumann, P. Barham, P.-E. Dagand, T. Harris, R. Isaacs, S. Peter, T. Roscoe, A. Schüpbach, and A. Singhania. The multikernel: A new os architecture for scalable multicore systems. In Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles, SOSP '09, page 29--44, New York, NY, USA, 2009. Association for Computing Machinery.
[4]
M. Boubakri, F. Chiatante, and B. Zouari. Towards a firmware TPM on RISC-V. In 2021 Design, Automation & Test in Europe Conference & Exhibition (DATE), pages 647--650, Feb. 2021. ISSN: 1558-1101.
[5]
F. Brasser, D. Gens, P. Jauernig, A.-R. Sadeghi, and E. Stapf. SANCTUARY: ARMing TrustZone with User-space Enclaves. In Proceedings 2019 Network and Distributed System Security Symposium, San Diego, CA, 2019. Internet Society.
[6]
F. Brasser, U. Müller, A. Dmitrienko, K. Kostiainen, S. Capkun, and A.-R. Sadeghi. Software grand exposure: SGX cache attacks are practical. In 11th USENIX Workshop on Offensive Technologies (WOOT 17), Vancouver, BC, Aug. 2017. USENIX Association.
[7]
X. Carpent, K. ElDefrawy, N. Rattanavipanon, and G. Tsudik. Lightweight Swarm Attestation: A Tale of Two LISA-s. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, ASIA CCS '17, pages 86--100. Association for Computing Machinery.
[8]
X. Carpent, N. Rattanavipanon, and G. Tsudik. ERASMUS: Efficient Remote Attestation via Self- Measurement for Unattended Settings.
[9]
D. Cerdeira, N. Santos, P. Fonseca, and S. Pinto. Sok: Understanding the prevailing security vulnerabilities in trustzone-assisted tee systems. In 2020 IEEE Symposium on Security and Privacy (SP), pages 1416--1432, 2020.
[10]
G. Chen and Y. Zhang. MAGE: Mutual Attestation for a Group of Enclaves without Trusted Third Parties. In 31st USENIX Security Symposium (USENIX Security 22), pages 4095--4110, 2022.
[11]
V. Costan and S. Devadas. Intel sgx explained. Cryptology ePrint Archive, Paper 2016/086, 2016. https://eprint.iacr.org/2016/086.
[12]
H. Cui, H. Zhang, G. R. Ganger, P. B. Gibbons, and E. P. Xing. Geeps: Scalable deep learning on distributed gpus with a gpu-specialized parameter server. In Proceedings of the Eleventh European Conference on Computer Systems, EuroSys '16, New York, NY, USA, 2016. Association for Computing Machinery.
[13]
A. Dhar, S. Sridhara, S. Shinde, S. Capkun, and R. Andri. Empowering data centers for next generation trusted computing, 2022.
[14]
J. Domingo-Ferrer, O. Farràs, J. Ribes-González, and D. Sánchez. Privacy-preserving cloud computing on sensitive data: A survey of methods, products and challenges. Comput. Commun., 140(C):38--60, may 2019.
[15]
P. Faraboschi, K. Keeton, T. Marsland, and D. Milojicic. Beyond processor-centric operating systems. In 15th Workshop on Hot Topics in Operating Systems (HotOS XV), Kartause Ittingen, Switzerland, May 2015. USENIX Association.
[16]
A. Ferraiuolo, A. Baumann, C. Hawblitzel, and B. Parno. Komodo: Using verification to disentangle secure-enclave hardware from software. In Proceedings of the 26th Symposium on Operating Systems Principles, SOSP '17, page 287--305, New York, NY, USA, 2017. Association for Computing Machinery.
[17]
A. Forencich, A. C. Snoeren, G. Porter, and G. Papen. Corundum: An open-source 100-gbps nic. In 2020 IEEE 28th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM), pages 38--46, 2020.
[18]
D. Ghimire, D. Kil, and S.-h. Kim. A survey on efficient convolutional neural networks and hardware acceleration. Electronics, 11(6), 2022.
[19]
A. Gholami and E. Laure. Security and privacy of sensitive data in cloud computing: A survey of recent developments. In Computer Science & Information Technology (CS & IT). Academy & Industry Research Collaboration Center (AIRCC), dec 2015.
[20]
GlobalPlatform Technology. TEE System Architecture v1.3 | GPD_spe_009. https://globalplatform.org/specs-library/tee-system-architecture/.
[21]
J. Götzfried, M. Eckert, S. Schinzel, and T. Müller. Cache attacks on intel sgx. In Proceedings of the 10th European Workshop on Systems Security, EuroSec'17, New York, NY, USA, 2017. Association for Computing Machinery.
[22]
J. Gu, M. Chowdhury, K. G. Shin, Y. Zhu, M. Jeon, J. Qian, H. Liu, and C. Guo. Tiresias: A GPU cluster manager for distributed deep learning. In 16th USENIX Symposium on Networked Systems Design and Implementation (NSDI 19), pages 485--500, Boston, MA, Feb. 2019. USENIX Association.
[23]
J.-Y. Gu, H. Li, Y.-B. Xia, H.-B. Chen, C.-G. Qin, and Z.-Y. He. Unified Enclave Abstraction and Secure Enclave Migration on Heterogeneous Security Architectures. Journal of Computer Science and Technology, 37(2):468--486, Apr. 2022.
[24]
K. Guo, S. Han, S. Yao, Y. Wang, Y. Xie, and H. Yang. Software-hardware codesign for efficient neural network acceleration. IEEE Micro, 37(2):18--25, 2017.
[25]
Z. Guo, Y. Shan, X. Luo, Y. Huang, and Y. Zhang. Clio: A hardwaresoftware co-designed disaggregated memory system. In Proceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2022, page 417--433, New York, NY, USA, 2022. Association for Computing Machinery.
[26]
M. Hille, N. Asmussen, P. Bhatotia, and H. Härtig. SemperOS: A distributed capability system. In 2019 USENIX Annual Technical Conference (USENIX ATC 19), pages 709--722, Renton, WA, July 2019. USENIX Association.
[27]
M. Hille, N. Asmussen, H. Härtig, and P. Bhatotia. A heterogeneous microkernel os for rack-scale systems. In Proceedings of the 11th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys '20, page 50--58, New York, NY, USA, 2020. Association for Computing Machinery.
[28]
A. Ibrahim, A.-R. Sadeghi, G. Tsudik, and S. Zeitouni. DARPA: Device Attestation Resilient to Physical Attacks. In Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks, WiSec '16, pages 171--182. Association for Computing Machinery.
[29]
Intel. Intel infrastructure processing unit (ipu) and smartnics. https://www.intel.de/content/www/de/de/products/network-io/smartnic.html, 2022.
[30]
I. Jang, A. Tang, T. Kim, S. Sethumadhavan, and J. Huh. Heterogeneous isolated execution for commodity gpus. In Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS '19, page 455--468, New York, NY, USA, 2019. Association for Computing Machinery.
[31]
D. Ji, Q. Zhang, S. Zhao, Z. Shi, and Y. Guan. Microtee: Designing TEE OS based on the microkernel architecture. In 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications / 13th IEEE International Conference On Big Data Science And Engineering, TrustCom/BigDataSE 2019, Rotorua, New Zealand, August 5-8, 2019, pages 26--33. IEEE, 2019.
[32]
L. Kang, Y. Xue, W. Jia, X. Wang, J. Kim, C. Youn, M. J. Kang, H. J. Lim, B. Jacob, and J. Huang. Iceclave: A trusted execution environment for in-storage computing. In MICRO-54: 54th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO '21, page 199--211, New York, NY, USA, 2021. Association for Computing Machinery.
[33]
K. Katrinis, D. Syrivelis, D. Pnevmatikatos, G. Zervas, D. Theodoropoulos, I. Koutsopoulos, K. Hasharoni, D. Raho, C. Pinto, F. Espina, S. Lopez-Buedo, Q. Chen, M. Nemirovsky, D. Roca, H. Klos, and T. Berends. Rack-scale disaggregated cloud data centers: The dredbox project vision. In 2016 Design, Automation & Test in Europe Conference & Exhibition (DATE), pages 690--695, 2016.
[34]
L. M. Kaufman. Data security in the world of cloud computing. IEEE Security & Privacy, 7(4):61--64, 2009.
[35]
G. Klein, J. Andronick, K. Elphinstone, G. Heiser, D. Cock, P. Derrin, D. Elkaduwe, K. Engelhardt, R. Kolanski, M. Norrish, T. Sewell, H. Tuch, and S. Winwood. Sel4: Formal verification of an operating-system kernel. Commun. ACM, 53(6):107--115, jun 2010.
[36]
A. Klimovic, C. Kozyrakis, E. Thereska, B. John, and S. Kumar. Flash storage disaggregation. In Proceedings of the Eleventh European Conference on Computer Systems, EuroSys '16, New York, NY, USA, 2016. Association for Computing Machinery.
[37]
F. Kohnhäuser, N. Büscher, S. Gabmeyer, and S. Katzenbeisser. SCAPI: A scalable attestation protocol to detect software and physical attacks. In Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec '17, pages 75--86. Association for Computing Machinery.
[38]
F. Kohnhäuser, N. Büscher, and S. Katzenbeisser. SALAD: Secure and Lightweight Attestation of Highly Dynamic and Disruptive Networks. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security, ASIACCS '18, pages 329--342. Association for Computing Machinery.
[39]
D. Korolija, T. Roscoe, and G. Alonso. Do OS abstractions make sense on FPGAs? In 14th USENIX Symposium on Operating Systems Design and Implementation (OSDI 20), pages 991--1010. USENIX Association, Nov. 2020.
[40]
G. Lacey, G. W. Taylor, and S. Areibi. Deep learning on fpgas: Past, present, and future, 2016.
[41]
B. Lampson, M. Abadi, M. Burrows, and E. Wobber. Authentication in distributed systems: Theory and practice. ACM Trans. Comput. Syst., 10(4):265--310, nov 1992.
[42]
D. Lee, D. Kohlbrenner, S. Shinde, K. Asanović, and D. Song. Keystone. Proceedings of the Fifteenth European Conference on Computer Systems, 2020.
[43]
S.-s. Lee, Y. Yu, Y. Tang, A. Khandelwal, L. Zhong, and A. Bhattacharjee. Mind: In-network memory management for disaggregated data centers. In Proceedings of the ACM SIGOPS 28th Symposium on Operating Systems Principles, SOSP '21, page 488--504, New York, NY, USA, 2021. Association for Computing Machinery.
[44]
K. Lim, J. Chang, T. Mudge, P. Ranganathan, S. K. Reinhardt, and T. F. Wenisch. Disaggregated memory for expansion and sharing in blade servers. In Proceedings of the 36th Annual International Symposium on Computer Architecture, ISCA '09, page 267--278, New York, NY, USA, 2009. Association for Computing Machinery.
[45]
lowRISC contributors. The opentitan project. https://opentitan.org, 2022.
[46]
V. Nitu, B. Teabe, A. Tchana, C. Isci, and D. Hagimont. Welcome to zombieland: Practical and energy-efficient memory disaggregation in a datacenter. In Proceedings of the Thirteenth EuroSys Conference, EuroSys '18, New York, NY, USA, 2018. Association for Computing Machinery.
[47]
M. S. Riazi, B. Darvish Rouani, and F. Koushanfar. Deep learning on private data. IEEE Security & Privacy, 17(6):54--63, 2019.
[48]
Y. Shan, Y. Huang, Y. Chen, and Y. Zhang. LegoOS: A disseminated, distributed OS for hardware resource disaggregation. In 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI 18), pages 69--87, Carlsbad, CA, Oct. 2018. USENIX Association.
[49]
S. Shinde, Z. L. Chua, V. Narayanan, and P. Saxena. Preventing page faults from telling your secrets. In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, ASIA CCS '16, page 317--328, New York, NY, USA, 2016. Association for Computing Machinery.
[50]
L. Vilanova, L. Maudlej, S. Bergman, T. Miemietz, M. Hille, N. Asmussen, M. Roitzsch, H. Härtig, and M. Silberstein. Slashing the disaggregation tax in heterogeneous data centers with fractos. In Proceedings of the Seventeenth European Conference on Computer Systems, EuroSys '22, page 352--367, New York, NY, USA, 2022. Association for Computing Machinery.
[51]
S. Volos, K. Vaswani, and R. Bruno. Graviton: Trusted execution environments on GPUs. In 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI 18), pages 681--696, Carlsbad, CA, Oct. 2018. USENIX Association.
[52]
Y. E. Wang, G.-Y. Wei, and D. Brooks. Benchmarking tpu, gpu, and cpu platforms for deep learning, 2019.
[53]
R. N. M. Watson, J. Anderson, B. Laurie, and K. Kennaway. A taste of capsicum: Practical capabilities for unix. Commun. ACM, 55(3):97--104, mar 2012.
[54]
K. Xia, Y. Luo, X. Xu, and S. Wei. Sgx-fpga: Trusted execution environment for cpu-fpga heterogeneous architecture. 2021 58th ACM/IEEE Design Automation Conference (DAC), 2021.
[55]
A. Xilinx. Alveo sn1000 smartnic accelerator card. https://www.xilinx.com/products/boards-and-kits/alveo/sn1000.html, 2022.
[56]
Y. Xu, W. Cui, and M. Peinado. Controlled-channel attacks: Deterministic side channels for untrusted operating systems. In 2015 IEEE Symposium on Security and Privacy, pages 640--656, 2015.
[57]
M. Zhao, M. Gao, and C. Kozyrakis. ShEF: Shielded Enclaves for Cloud FPGAs, page 1070--1085. Association for Computing Machinery, New York, NY, USA, 2022.
[58]
R. Zhao, W. Luk, X. Niu, H. Shi, and H. Wang. Hardware acceleration for machine learning. In 2017 IEEE Computer Society Annual Symposium on VLSI(ISVLSI), pages 645--650, 2017.
[59]
S. Zhao, Q. Zhang, Y. Qin, W. Feng, and D. Feng. Sectee: A software-based approach to secure enclave architecture using tee. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS '19, page 1723--1740, New York, NY, USA, 2019. Association for Computing Machinery.
[60]
J. Zhu, R. Hou, X. Wang, W. Wang, J. Cao, B. Zhao, Z. Wang, Y. Zhang, J. Ying, L. Zhang, and D. Meng. Enabling rack-scale confidential computing using heterogeneous trusted execution environment. In 2020 IEEE Symposium on Security and Privacy (SP), pages 1450--1465, 2020.
Index Terms
- Trusted Heterogeneous Disaggregated Architectures
Recommendations
Trusted Computing in Context
The trusted computing technology embodied in the Trusted Platform Modulesecure-coprocessor from the Trusted Computing Group is a hardware-based root of trust thatmakes it possible for the system designer--not the computer owner--to regulate ...
Design and Deployment of a Trusted Eucalyptus Cloud
CLOUD '11: Proceedings of the 2011 IEEE 4th International Conference on Cloud ComputingShift from traditional software models to the Internet has been steadily gaining momentum over the last 10 years. Moving business applications to the shared utility infrastructure of the cloud with its pay-as-you-go and auto scaling features has become ...
Construction of a Trusted SaaS Platform
SOSE '10: Proceedings of the 2010 Fifth IEEE International Symposium on Service Oriented System EngineeringAs a part of Cloud computing, Software as a Service(SaaS) enables users to cut their costs by outsourcing software as a service on-demand, in which both computation and storage are handled on server-side. However, data must be decrypted into memory when ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
August 2023
98 pages
ISBN:9798400703058
DOI:10.1145/3609510
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 24 August 2023
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
Conference
APSys '23
Sponsor:
APSys '23: 14th ACM SIGOPS Asia-Pacific Workshop on Systems
August 24 - 25, 2023
Seoul, Republic of Korea
Acceptance Rates
APSys '23 Paper Acceptance Rate 13 of 32 submissions, 41%;
Overall Acceptance Rate 169 of 430 submissions, 39%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 251Total Downloads
- Downloads (Last 12 months)184
- Downloads (Last 6 weeks)18
Reflects downloads up to 30 Nov 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in