Results 1 -
3 of
3
Shielding applications from an untrusted cloud with haven.
- In OSDI,
, 2014
"... Abstract Today's cloud computing infrastructure requires substantial trust. Cloud users rely on both the provider's staff and its globally-distributed software/hardware platform not to expose any of their private data. We introduce the notion of shielded execution, which protects the conf ..."
Abstract
-
Cited by 14 (3 self)
- Add to MetaCart
(Show Context)
Abstract Today's cloud computing infrastructure requires substantial trust. Cloud users rely on both the provider's staff and its globally-distributed software/hardware platform not to expose any of their private data. We introduce the notion of shielded execution, which protects the confidentiality and integrity of a program and its data from the platform on which it runs (i.e., the cloud operator's OS, VM and firmware). Our prototype, Haven, is the first system to achieve shielded execution of unmodified legacy applications, including SQL Server and Apache, on a commodity OS (Windows) and commodity hardware. Haven leverages the hardware protection of Intel SGX to defend against privileged code and physical attacks such as memory probes, but also addresses the dual challenges of executing unmodified legacy binaries and protecting them from a malicious host. This work motivated recent changes in the SGX specification.
The Case for Less Predictable Operating System Behavior
"... "No one is so brave that he is not disturbed by something unexpected." Julius Caesar The operating system is increasingly regarded as untrustworthy. Applications, hardware, and hypervisors are erecting defenses to insulate themselves from the operating system. This paper explores the pote ..."
Abstract
- Add to MetaCart
(Show Context)
"No one is so brave that he is not disturbed by something unexpected." Julius Caesar The operating system is increasingly regarded as untrustworthy. Applications, hardware, and hypervisors are erecting defenses to insulate themselves from the operating system. This paper explores the potential benefits if operating systems simply embraced these lowered expectations and deliberately varied API behavior. We argue that, even for trusted or benign applications, diversity roughly within the specification can improve resilience to attack and improve robustness. Malicious software tends to be brittle; a preliminary case study indicates that, for software of questionable origin, a somewhat hostile operating system may do more good than harm for system security. This paper describes the architecture of Chameleon, an ongoing project to implement spectrumbehavior as an operating system feature.
Containing the Hype
"... Containers, or OS-based virtualization, have seen a recent resurgence in deployment. The term “container ” is nearly synonymous with “lightweight virtualization”, despite a re-markable dearth of careful measurements supporting this no-tion. This paper contributes comparative measurements and analysi ..."
Abstract
- Add to MetaCart
(Show Context)
Containers, or OS-based virtualization, have seen a recent resurgence in deployment. The term “container ” is nearly synonymous with “lightweight virtualization”, despite a re-markable dearth of careful measurements supporting this no-tion. This paper contributes comparative measurements and analysis of both containers and hardware virtual machines where the functionality of both technologies intersects. This paper focuses on two important issues for cloud computing: density (guests per physical host) and start-up latency (for responding to load spikes). We conclude that the overall den-sity is highly dependent on the most demanded resource. In many dimensions there are no significant differences, and in other dimensions VMs have significantly higher over-heads. A particular contribution is the first detailed analysis of the biggest difference—memory footprint—and opportu-nities to significantly reduce this overhead. 1.
