SecureCloud · EUBra-BIGSEA project aims at developing a set of cloud services empowering Big Data...

SecureCloud

Joint EU-Brazil Research and Innovation Action

SECURE BIG DATA PROCESSING IN UNTRUSTED CLOUDS

https://www.securecloudproject.eu/

Project dissemination and clustering activities report (Ver. 1)

D6.3

Due date: 31 December 2016

Submission date: 2 February 2017

Start date of project: 1 January 2016

Document type: Deliverable

Work package: WP6

Editor: Giovanni Mazzeo, Francesco Tessitore (SYNC)

Contributing partners: All

Reviewers: Stefan Köpsell (TUD), Marcelo Pasin (UniNE)

Dissemination Level

PU Public

CO Confidential, only for members of the consortium (including the Commission Services)

CI Classified, as referred to in Commission Decision 2001/844/EC

SecureCloud has received funding from the European Union’s Horizon 2020 research and innovation programme and was supported by the Swiss State Secretariat for Education, Research and Innovation (SERI) under grant agreement No 690111.


Tasks related to this deliverable:

Task No.: T6.3

Task description: Project dissemination and clustering activities report (Version 1)

Partners involved○: SYNC, TUD, UniNE

○ This task list may not be equivalent to the list of partners contributing as authors to the deliverable

∗ Task leader

Executive Summary

This document describes the main communication channels and the dissemination and clustering activities performed by SecureCloud partners during the first twelve months of project activity. The consortium has planned and implemented a comprehensive set of actions that has enabled: i) dissemination of current project achievements to a wide audience, consisting of a variety of stakeholders; ii) fruitful cooperation with other projects, funded by the EU or by the Brazilian government, targeting issues that are closely related or complementary to the SecureCloud workplan; iii) the organization of joint workshops, where the security framework proposed by the project has been presented (also by means of public demo/seminars). These actions are described in detail in the remainder of the document, and in particular:

Section 2 provides an overview of the main achievements of the dissemination activity so far. These include the description of the dissemination channels that have been used (Web site, newsletters, social network accounts, project mailing list, and GitLab support), as well as a summary of the workshops organized by the project.

Section 3 deals with clustering activities. It reports about the projects - doing research in the field of cloud security - with which concrete joint endeavors have been planned. These projects were selected based on a thorough analysis of: i) the potential - both in terms of commonality and of complementarity - with SecureCloud, and ii) the existence of direct connections between SecureCloud Principal Investigators (PIs) and PIs of those projects.

Section 4 reports on the interactions with the project Advisory Board.

Section 5 provides an overview of the scientific and technical publications that the SecureCloud consortium has produced so far. For each paper, we report the abstract and the complete bibliographical information (to allow interested readers to get ahold of the full contents of the papers). The list of the papers that have been published so far is also available on the project Web site. For those papers that are published under a copyright agreement that allows it, the full text is also available on the project Web site.

Section 6 provides a summary of the project technical meetings.

The document ends with a section providing a wrap-up of the main achievements and an overview of the plan for the next period.


Contents

Executive Summary
1 Objectives and Approach
1.1 Purpose and Scope of the Document
2 Dissemination Activities
2.1 Web Site
2.2 GitLab
2.3 Social Media
2.3.1 Twitter Profile
2.3.2 Facebook Page
2.4 Project Workshops
2.4.1 1st Workshop on System Software for Trusted Execution (SysTEX 2016)
2.4.2 International Workshop On Assured Cloud Computing And QoS Aware Big Data
3 Clustering Activities
3.1 The DPSP Cluster
3.2 SERECA
3.3 KONFIDO
4 Advisory Board
5 Scientific Publications
5.1 Conference and Workshop Papers
5.2 Journal Publications
5.3 Submitted Papers
6 Project Meetings
6.1 January 2016 Kick-Off Meeting (KOM) - Champery (CH)
6.2 May 2016 Meeting - Dresden (DE)
6.3 October 2016 Plenary Meeting - Procida (IT)
7 Conclusions

1 Objectives and Approach

This part defines the methodology adopted and the objectives of this deliverable. During the first twelve months of life of the project, dissemination activities went through an initial phase. When the first results achieved by the project are available, more focused and practice-oriented activities will be performed, and in the second phase of dissemination activities the main results achieved will be presented to the widest possible audience. Depending on the target audience (industry, researchers, and other decision makers), dissemination actions are performed at different levels. In some cases, the SecureCloud project and its objectives are presented at a higher level of abstraction (i.e. more strategic than technical); in others, the internals of the technical solutions are presented in detail.

1.1 Purpose and Scope of the Document

This deliverable contains the report about dissemination activities. Dissemination is understood primarily as a means of creating and spreading awareness about the project, its goals and results, which calls for a proactive approach to applying SecureCloud technologies to real-life cases. The document addresses the promotional activities related to the SecureCloud technologies and framework to potential recipients: businesses, research organisations, and stakeholders. Dissemination activities include the following:

• building a complete promotion policy;

• promotion of the SecureCloud project website;

• promotion via seminars and workshops;

• preparation and diffusion of material for dissemination and publication;

• involvement of an Advisory Board when presenting the proposed security framework in workshops and organising demo/seminars on the SecureCloud project.


2 Dissemination Activities

This chapter surveys all dissemination activities conducted by the project partners. These include: the project website as an initial dissemination means, the European events where SecureCloud was presented, and the scientific publications co-authored by the project partners.

2.1 Web Site

Figure 2.1: SecureCloud Website

The SecureCloud project website www.securecloudproject.eu is fundamental for any dissemination activity. It is one of the main means through which the SecureCloud consortium offers project information, partner descriptions and the results obtained to an external audience, both during the project lifetime and after the end of the project. A mailing list service was also created to provide information about upcoming events (conferences, workshops, etc.). To summarize, the primary objectives are:

• to highlight results of the SecureCloud project and disseminate them,

• to act as a thrust for cooperation among related projects and initiatives,

• to raise awareness of SecureCloud project among the potential users.

Target Audience

The SecureCloud website is not foreseen as a collaborative tool. The target audience consists of the following groups:

• Industry potential partners,

• Academia researchers,


Deliverable 6.3 Secure Big Data Processing in Untrusted Clouds

• SecureCloud partners.

When the website was created, the informational needs of these groups were taken into account with regard to scheduled events, news and relevant background documents.

Website Domain

The SecureCloud domain name (securecloudproject.eu) is easy to remember. Additionally, the domain is descriptive in itself, creating a link between the project name and its essence (European project).

2.2 GitLab

GitLab is a web-based Git repository manager with wiki and issue tracking features, using an open source license. It allows you to create private repositories.

GitLab is used as the document repository for the SecureCloud project: deliverables and papers, management, meetings and proposal documents are uploaded to this repository manager. The SecureCloud repository is available at: https://gitlab.securecloud.works/.

Figure 2.2: GitLab repository

2.3 Social Media

The website has links to the Twitter and Facebook project profiles. In this way, interested users may follow project updates through social media as well.

2.3.1 Twitter Profile

The Twitter SecureCloud project page is available at the following address:

• https://twitter.com/H2020SecCloud


Figure 2.3: SecureCloud Twitter Page

2.3.2 Facebook Page

The SecureCloud Facebook page is available at the following address:

• https://www.facebook.com/h2020securecloud/

2.4 Project Workshops

2.4.1 1st Workshop on System Software for Trusted Execution (SysTEX 2016)

SecureCloud, in collaboration with the SERECA project, organized the 1st Workshop on System Software for Trusted Execution (SysTEX 2016).

The program committee was chaired by:

• Pascal Felber, University of Neuchatel, Switzerland

• Christof Fetzer, TU Dresden, Germany

• Rüdiger Kapitza, TU Braunschweig, Germany

• Peter Pietzuch, Imperial College, United Kingdom

Topics

Figure 2.4: SecureCloud Facebook Page

The aim of the conference was the design, implementation, deployment, and evaluation of distributed system platforms and architectures for computing, storage, and communication environments. The SysTEX workshop was focused on system software and middleware that set up new hardware for trusted execution. Besides Intel Software Guard Extensions (SGX) and ARM TrustZone, additional hardware features that enable the implementation of trustworthy systems have been proposed during this conference. The call for papers covered several topics concerning:

• Architecture, applications and implementation technologies for trusted platforms and trustworthy infrastructures

• Middleware for distributed trusted execution

• OS support for trusted execution

• Trustworthy infrastructures and services for cloud computing (including resilience)

• Attestation and integrity verification

• Cryptographic aspects of trusted and trustworthy computing

• Intrusion resilience in trusted computing

• Virtualization for trusted platforms

• Security policy and management of trusted computing

• Privacy aspects of trusted computing

• Verification of trusted computing architectures

• Usability and end-user interactions with trusted platforms


• Limitations of trusted computing

• Usability and user perceptions of trustworthy systems and risks

• Use case studies of trusted execution

• Validation and performance evaluation of trusted hardware

The program committee consisted of 13 experts in the targeted research fields from Europe as well as the US. Due to the high quality, ten papers could be accepted. All presentations received a considerable number of questions. The SysTEX workshop was considered a success.

Figure 2.5: SysTEX 2016 Workshop

2.4.2 International Workshop On Assured Cloud Computing And QoS Aware Big Data

The International Workshop on Assured Cloud Computing and QoS aware Big Data, held in conjunction with the 17th IEEE/ACM CCGRID in Madrid, Spain, May 14-17, 2017, will be supported by the EUBra-BIGSEA project consortium.

The workshop was organized by:

• Ignacio Blanquer, Universitat Politècnica de València, ES

• Rakesh Bobba, Oregon State University, US

• Andrey Brito, Federal University of Campina Grande, BR

• Roy Campbell, University of Illinois at Urbana-Champaign, US


• Roberto Cascella, Trust-IT Services, UK

• Christof Fetzer, Dresden University of Technology, DE

• Zbigniew Kalbarczyk, University of Illinois at Urbana-Champaign, US

• Charles Kamhoua, Air Force Research Laboratory, US

• Kevin Kwiat, Air Force Research Laboratory, US

• Wagner Meira, Jr., Federal University of Minas Gerais, BR

• Luigi Romano, Synclab S.r.l., IT

The EUBra-BIGSEA project aims at developing a set of cloud services empowering Big Data analytics to ease the development of massive data processing applications. It proposes to develop models, predictive and reactive cloud infrastructure QoS techniques, efficient and scalable Big Data operators and a privacy and quality analysis framework, exposed to several programming environments. It also aims at covering general requirements of multiple application areas.

CCGrid 2017, the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, aims at bringing together developers of bioinformatics and biomedical applications and researchers in the field of distributed IT systems. The goals of the workshop are to exchange and discuss existing solutions and latest developments in both fields. The workshop further intends to collaboratively explore new approaches to successfully apply distributed IT systems in translational research, clinical intervention, and decision-making.

The workshop will be a forum of dialogue centered upon the development and advancement of an effort to design, implement, and evaluate dependable cloud architectures that can provide assurances with respect to security, reliability, and timeliness of computations (or services). Research on cloud services, ICT-skilled data scientists and application developers can find complementary solutions and partnerships to evaluate and integrate additional solutions.

Figure 2.6: International Workshop On Assured Cloud Computing And QoS Aware Big Data logo


3 Clustering Activities

This section highlights the clustering activities conducted by the consortium in the first project year. The SecureCloud consortium collaborated with other projects and groups, increasing SecureCloud visibility and potential impact.

3.1 The DPSP Cluster

The first call of H2020 LEIT WP2014-2015 gave birth to a significant number of grants addressing research and innovation on diverse solutions for ensuring data protection, security and privacy in the cloud.

The DPSP Cluster was born with the aim to seek synergies between these projects and to join efforts towards greater impact. The topics addressed in the Cluster give continuity to research and innovation in the context of other EU-funded projects of the FP7 and CIP Programmes, and therefore these were invited to join the Cluster too. In the following we present the initial objectives and organisation schema of the Cluster.

Objectives:

• Maximize the impact of EU-funded research and innovation project results in the areas of Data Protection, Security and Privacy in the Cloud by:

– Seeking synergies in the methods, tools and solutions proposed by EU-funded research and innovation projects in the areas of Data Protection, Security and Privacy in the Cloud.

– Maximising the innovation over state-of-the-art and the advances on the common research areas.

– Collaboration in the organisation of joint dissemination events, such as joint Workshops and conferences, and collaboration in other joint dissemination actions such as joint papers and articles, etc.

– Joint efforts to encourage standardisation whenever possible.

• Ensure the market orientation and adoption of EU-funded research and innovation project results in the areas of Data Protection, Security and Privacy in the Cloud by:

– Working in the deep analysis of market trends and needs in the areas of Data Protection, Security and Privacy in the Cloud.

– Looking for alignment of exploitation strategies and models of EU-funded research and innovation project results as much as possible.

• Help define the research and innovation needs in H2020 in the areas of Data Protection, Security and Privacy in the Cloud by:

– Contributing to the definition of strategic research areas and topics for the strategic and work programmes.

– Providing feedback on the drawbacks and problems faced during the execution of the projects with respect to the impact achievement in order to look for solutions in future projects.


Figure 3.1: DPSP logo

Participation is on a voluntary basis, and participation in the DPSP Cluster does not prevent a project from participating in any of the other Clusters of European Projects on Cloud. The Cluster aims to serve as an instrument to ease the achievement of market impact of the participating projects. Therefore, the main idea is that participation in the Cluster does not become an extra effort for the participating projects, but integrates with the projects' interests in creating greater impact.

SecureCloud is providing a contribution to the DPSP cluster and, at the same time, is receiving something back. SecureCloud added new topics to the research areas covered by the project (i.e. the unexplored trusted execution with SGX), and new innovative ideas (i.e. the possibility to secure sensitive data against a malicious cloud provider). Furthermore, the use cases implemented in SecureCloud are of interest for the DPSP cluster since they provide additional requirements which are really important, since these come from critical infrastructures. Finally, SecureCloud, thanks to the DPSP Cluster, is improving the strategy of exploitation of project results.

3.2 SERECA

Cloud security is of immediate concern to organisations that must comply with strict confidentiality and integrity policies. More broadly, security has emerged as a commercial imperative for cloud computing across a wide range of markets. The lack of adequate security guarantees is becoming the primary barrier to the broad adoption of cloud computing.

The Secure Enclaves for REactive Cloud Applications (SERECA) project aims to remove technical impediments to secure cloud computing, and thereby encourage greater uptake of cost-effective and innovative cloud solutions in Europe. It proposes to develop secure enclaves, a new technique that exploits secure commodity CPU hardware for cloud deployments, empowering applications to ensure their own security without relying on public cloud operators. Secure enclaves additionally support regulatory-compliant data localisation by allowing applications to securely span multiple cloud data centres.

Although secure enclaves are a general mechanism, SERECA focuses on a particularly important and rapidly growing class of applications: reactive applications for the Internet of Things (IoT), Cyber-Physical Systems (CPS), augmented reality, gaming, computer-mediated social interaction, and the like. These applications are highly interactive, data intensive, and distributed, often involving extremely sensitive societal and personal information.

SERECA partners published a number of research papers on different activities, which are part of an overall process of the SERECA platform development. The findings of the SERECA Project will be directly applicable to research in cloud security but will also indirectly apply to other fields like Internet of Things, Cyber-Physical Systems and Autonomous Driving.

Results demonstrate that the project has successfully raised awareness about its technical value - as well as its potential in terms of real take up - among stakeholders. Partners are very much involved in joint and individual exploitation plans, which they are pursuing with concrete actions, including funding of a start-up and enabling synergies between European Structural and Investment Funds, Horizon 2020 and other research, innovation and competitiveness-related Union programmes.

SecureCloud and SERECA are both exploring the same core technology: Intel SGX. This is an innovative and extremely recent security hardening mechanism. Therefore, the exchange of knowledge regarding SGX between the two projects is highly fruitful. In fact, there are a number of aspects of SGX which still need to be explored further. The establishment of synergies between SERECA and SecureCloud can be productive for both projects, helping them to quickly solve issues and define better approaches on SGX.

Figure 3.2: Sereca logo

3.3 KONFIDO

KONFIDO (Secure and Trusted Paradigm for Interoperable eHealth Services) advances the state of the art of eHealth technology with respect to four key dimensions of digital security, namely: data preservation, data access and modification, data exchange, and interoperability and compliance.

The federation-based approach makes cross-border interoperation of eHealth services provided by individual countries possible, while allowing each participating entity (private and public actors, as well as empowered citizens), to enforce specific policies for protection and control of personal and health related data. Data is collected, processed, and exchanged at multiple architectural levels, and over a number of devices (including mobile ones) and communication protocols with differing security guarantees. KONFIDO develops solutions that will prevent unauthorised access, loss of data, and cyber-attacks. These include mechanisms that will protect data from intrusions by the cloud provider itself.

Experimental evidence will be collected, proving that the KONFIDO systemic approach to security can effectively increase patients’ empowerment, and help protect their health also while they are abroad.

To address the challenges of secure storage and exchange of eHealth data, protection and control over personal data, and security of health related data gathered by mobile devices, KONFIDO takes a holistic approach, i.e. one targeting all the architectural layers of an IT infrastructure, and specifically: storage, dissemination, processing, and presentation.

The approach will be implemented in a technological framework that relies on six technology pillars: security extensions provided by main CPU vendors, security solutions based on photonic technologies, homomorphic encryption mechanisms, customised STORK-compliant eID support, customized extensions of selected SIEM solutions, disruptive logging and auditing mechanisms.


KONFIDO has a dramatic potential in terms of innovation in the field of coordinated care towards improved quality of healthcare solutions.

The KONFIDO and SecureCloud projects have different technological aspects in common, like the security extensions provided by main CPU vendors. Collaboration between them will provide benefits for both parties.

EXUS is the coordinator of KONFIDO, responsible for project management and quality assurance, and one of the main technology providers and integrators of the platform. EXUS is responsible for the application of blockchain techniques and concepts in the cross-country exchange of the healthcare data.

Figure 3.3: Konfido logo


4 Advisory Board

The Advisory Board (AB) is a group of stakeholders from sectors where SecureCloud results can be directly applied and/or to which SecureCloud results could be extended. Ideal candidates for joining the SecureCloud AB are experts in the field of cloud security, big data processing, and service dependability.

AB membership is voluntary and people can ask to join the group by presenting an unbinding candidature (Expression of Interest in the project and commitment to contribute to AB activities), which can be sent by e-mail to the project coordinator.

SecureCloud AB is currently composed of the following members:

Table 4.1: Advisory Board members

Contact Person | Expertise | Organization | Country
Fabio Martinelli | Critical Infrastructure Protection, Cloud Security | Consiglio Nazionale delle Ricerche | Italy
Zbigniew Jerzak | Distributed Computing, Computer Security and Reliability, Computer Communications | SAP | Germany
Matthias Schunter | Trustworthy Computing, Smart Grid Security | Intel | Germany
Paolo Monti | Network Survivability, Communication Networks | Royal Institute of Technology (KTH) | Sweden
Ricardo Pereira | Self-organizing Networks | TIM Brazil | Brazil

AB members have been or will be informed and kept updated on the project findings and progress through several channels:

• project website;

• video conferences;

• face to face meetings.

In fact, we invited all advisory board members to participate in the next project plenary meeting, to be held alongside the review meeting in Brazil from 13th to 15th February 2017. Unfortunately, only one AB member will actually make it to the meeting. Therefore, we offered remote participation by means of a video conference system. Two additional AB members expressed their interest in such remote participation. Since, overall, this is not satisfactory, we are currently trying to arrange an additional AB meeting within the next two months.

Furthermore the AB members have been informed about the role of the Advisory Board and asked to:

• Contribute their opinions about users’ and technology requirements;

• Contribute their opinions about value and application of SecureCloud results;

• Provide input (recommendations and advice) to the SecureCloud consortium in order to improve project research activities;

• Disseminate SecureCloud results within the user community.


5 Scientific Publications

During the first project period the papers listed below were produced.

5.1 Conference and Workshop Papers

SAC 2017 - ACM Symposium on Applied Computing, April 03-07, 2017, Marrakesh, Morocco

Title: “Security and Privacy Preserving Data Aggregation in Cloud Computing”

Authors: Leandro José Ventura Silva, Rodolfo Marinho, José Luis Vivas, Andrey Brito

Abstract: Smart metering is an essential feature of smart grids, allowing residential customers to monitor and reduce electricity costs. Devices called smart meters allows residential customers to monitor and reduce electricity costs, promoting energy saving, demand management, and energy efficiency. However, monitoring a households’ energy consumption through smart meters poses serious privacy threats, and have thus become a major privacy issue. Hence, a significant amount of research has appeared recently with the purpose of providing methods and mechanisms to reconcile smart metering technologies and privacy requirements. However, most current approaches fall short in meeting one of several of the requirements for privacy preserving smart metering systems. In this paper we show how Intel SGX technology can be used to provide a simple and general solution for the smart metering privacy problem that meets all these requirements in a satisfactory way. Moreover, we present also an implementation of the proposed architecture as well as a series of experiments that have been carried out in order to assess how the proposed solution performs in comparison to a second implementation of the architecture that completely disregards privacy issues.

DATE 2017, EU Project Special Session: from Secure Clouds to reliable and variable HPC

Title: “SecureCloud: Secure Big Data Processing in Untrusted Clouds”

Authors: SecureCloud Consortium

Abstract: We present the SecureCloud EU Horizon 2020 project, whose goal is to enable new big data applications that use sensitive data in the cloud without compromising data security and privacy. For this, SecureCloud designs and develops a layered architecture that allows for (i) the secure creation and deployment of secure micro-services; (ii) the secure integration of individual micro-services to full-fledged big data applications; and (iii) the secure execution of these applications within untrusted cloud environments. To provide security guarantees, SecureCloud leverages novel security mechanisms present in recent commodity CPUs, in particular, Intel’s Software Guard Extensions (SGX). SecureCloud applies this architecture to big data applications in the context of smart grids. We describe the SecureCloud approach, initial results, and considered use cases.

URL: https://www.date-conference.com/conference/session/IP1


IEEE International Conference on Cloud Engineering (IC2E 2017), April 4-7, 2017, Vancouver, Canada

Title: “GenPack: A Generational Scheduler for Cloud Data Centers”

Authors: A. Havet, V. Schiavoni, P. Felber, M. Colmant, R. Rouvoy, C. Fetzer

Abstract: Cloud data centers largely rely on virtualization to provision resources and host services across their infrastructure. The scheduling problem has been widely studied and is well understood when the resource requirements and the expected lifetime of services are known beforehand. In contrast, when workloads are not known in advance, effective scheduling of services, and more generally system containers, becomes much more complex. In this paper, we propose GENPACK, a framework for system containers scheduling in cloud data centers that leverages principles from generational garbage collection (GC). It combines runtime monitoring of system containers to learn their requirements and properties, and a scheduler that manages different generations of servers. The population of these generations may vary over time depending on the global load, hence they are subject to being shut down when idle to save energy. We implemented GENPACK and tested it in a dedicated data center, showing that it can be up to 23% more energy-efficient than SWARM's built-in scheduling policies on a real-world trace.

URL: https://hal.inria.fr/hal-01403486

IPDPS 2017 - 31st IEEE International Parallel & Distributed Processing Symposium, May 29-June 2, 2017, Orlando, Florida, USA

Title: “FFQ: A Fast Single-Producer/Multiple-Consumer Concurrent FIFO Queue”

Authors: S. Arnautov, P. Felber, C. Fetzer and B. Trach

Abstract: With the spreading of multi-core architectures, operating systems and applications are becoming increasingly more concurrent and their scalability is often limited by the primitives used to synchronize the different hardware threads. In this paper, we address the problem of how to optimize the throughput of a system with multiple producer and consumer threads. Such applications typically synchronize their threads via multi-producer/multi-consumer FIFO queues, but existing solutions have poor scalability, as we could observe when designing a secure application framework that requires high-throughput communication between many concurrent threads. In our target system, however, the items enqueued by different producers do not necessarily need to be FIFO ordered. Hence, we propose a fast FIFO queue, FFQ, that aims at maximizing throughput by specializing the algorithm for single-producer/multiple-consumer settings: each producer has its own queue from which multiple consumers can concurrently dequeue. Furthermore, while we provide a wait-free interface for producers, we limit ourselves to lock-free consumers to eliminate the need for helping. We also propose a multi-producer variant to show which synchronization operations we were able to remove by focusing on a single producer variant. Our evaluation analyses the performance using micro-benchmarks and compares our results with other state-of-the-art solutions: FFQ exhibits excellent performance and scalability.

EuroSys 2017 - The European Conference on Computer Systems, April 23-26, 2017, Belgrade, Serbia

Title: “SGXBounds: Memory Safety for Shielded Execution”

Authors: D. Kuvaiskii, O. Oleksenko, S. Arnautov, B. Trach, P. Bhatotia, P. Felber, C. Fetzer

Abstract: Shielded execution based on Intel SGX provides strong security guarantees for legacy applications running on untrusted platforms. However, memory safety attacks such as Heartbleed can render the confidentiality and integrity properties of shielded execution completely ineffective. To prevent these attacks, the state-of-the-art memory-safety approaches can be used in the context of shielded execution. In this work, we first showcase that two prominent software- and hardware-based defenses, AddressSanitizer and Intel MPX respectively, are impractical for shielded execution due to high performance and memory overheads. This motivated our design of SGXBounds – an efficient memory-safety approach for shielded execution exploiting the architectural features of Intel SGX. Our design is based on a simple combination of tagged pointers and compact memory layout. We implemented SGXBounds based on the LLVM compiler framework targeting unmodified multithreaded applications. Our evaluation using Phoenix, PARSEC, and RIPE benchmark suites shows that SGXBounds has performance and memory overheads of 18% and 0.1% respectively, while providing security guarantees similar to AddressSanitizer and Intel MPX. We have obtained similar results with four real-world case studies: SQLite, Memcached, Apache, and Nginx.

PDP 2017, 25th Euromicro International Conference on Parallel, Distributed and Network-based Processing, St. Petersburg, Russia, March 6-8, 2017

Title: “Cloudifying Critical Applications: a Use Case from the Power Grid Domain”

Authors: F. Campanile, L. Coppolino, S. D’Antonio, L. Lev, G. Mazzeo, L. Romano, L. Sgaglione, F. Tessitore

Abstract: The cloud computing paradigm is gaining more and more momentum, to the extent that it is no more confined to its initial application domains, i.e. use by enterprises and businesses that are simply willing to lower costs or to increase computing capacity in a flexible manner. In particular, increasing interest is recently being paid to the dramatic potentials that the use of cloud computing technology by critical infrastructure (CI) operators might bring about, in terms of benefits for the society at large. Since accidental or deliberate damage to a CI may result in devastating consequences, this mandates for dependable and trustworthy security mechanisms in cloud platforms. In this paper, we present a distributed application for real-time monitoring of a Power Grid. The application, which is called PoGriMon, is deployed on top of the SecureCloud platform, a security-enhanced IaaS solution that exploits the Intel Software Guard eXtension (SGX) technology. PoGriMon has been designed based on the requirements of the SCADA network of the Israeli Electric Corporation (IEC), and is currently being validated in a realistic setup also provided by IEC.

Middleware ’16 Proceedings of the 17th International Middleware Conference

Title: “Secure Content-Based Routing Using Intel Software Guard Extensions”

Authors: R. Pires, M. Pasin, P. Felber, C. Fetzer

Abstract: Content-based routing (CBR) is a powerful model that supports scalable asynchronous communication among large sets of geographically distributed nodes. Yet, preserving privacy represents a major limitation for the wide adoption of CBR, notably when the routers are located in public clouds. Indeed, a CBR router must see the content of the messages sent by data producers, as well as the filters (or subscriptions) registered by data consumers. This represents a major deterrent for companies for which data is a key asset, as for instance in the case of financial markets or to conduct sensitive business-to-business transactions. While there exists some techniques for privacy-preserving computation, they are either prohibitively slow or too limited to be usable in real systems. In this paper, we follow a different strategy by taking advantage of trusted hardware extensions that have just been introduced in off-the-shelf processors and provide a trusted execution environment. We exploit Intel’s new software guard extensions (SGX) to implement a CBR engine in a secure enclave. Thanks to the hardware-based trusted execution environment (TEE), the compute-intensive CBR operations can operate on decrypted data shielded by the enclave and leverage efficient matching algorithms. Extensive experimental evaluation shows that SGX adds only limited overhead to insecure plaintext matching outside secure enclaves while providing much better performance and more powerful filtering capabilities than alternative software-only solutions. To the best of our knowledge, this work is the first to demonstrate the practical benefits of SGX for privacy-preserving CBR.

URL: http://dl.acm.org/citation.cfm?doid=2988336.2988346

Title: “SecureKeeper: Confidential ZooKeeper using Intel SGX”

Authors: S. Brenner, C. Wulf, D. Goltzsche, N. Weichbrodt, M. Lorenz, C. Fetzer, P. Pietzuch, R. Kapitza

Abstract: Cloud computing, while ubiquitous, still suffers from trust issues, especially for applications managing sensitive data. Third-party coordination services such as ZooKeeper and Consul are fundamental building blocks for cloud applications, but are exposed to potentially sensitive application data. Recently, hardware trust mechanisms such as Intel’s Software Guard Extensions (SGX) offer trusted execution environments to shield application data from untrusted software, including the privileged Operating System (OS) and hypervisors. Such hardware support suggests new options for securing third-party coordination services.

We describe SecureKeeper, an enhanced version of the ZooKeeper coordination service that uses SGX to preserve the confidentiality and basic integrity of ZooKeeper-managed data. SecureKeeper uses multiple small enclaves to ensure that (i) user-provided data in ZooKeeper is always kept encrypted while not residing inside an enclave, and (ii) essential processing steps that demand plaintext access can still be performed securely. SecureKeeper limits the required changes to the ZooKeeper code base and relies on Java’s native code support for accessing enclaves. With an overhead of 11%, the performance of SecureKeeper with SGX is comparable to ZooKeeper with secure communication, while providing much stronger security guarantees with a minimal trusted code base of a few thousand lines of code.

URL: http://dl.acm.org/citation.cfm?id=2988350

12th USENIX Symposium on Operating Systems Design and Implementation

Title: “SCONE: Secure Linux Containers with Intel SGX”

Authors: S. Arnautov, B. Trach, F. Gregor, T. Knauth, A. Martin, C. Priebe, D. Muthukumaran, D. O’Keeffe, M. Stillwell, D. Goltzsche, D. Eyers, R. Kapitza, P. Pietzuch, C. Fetzer

Abstract: In multi-tenant environments, Linux containers managed by Docker or Kubernetes have a lower resource footprint, faster startup times, and higher I/O performance compared to virtual machines (VMs) on hypervisors. Yet their weaker isolation guarantees, enforced through software kernel mechanisms, make it easier for attackers to compromise the confidentiality and integrity of application data within containers. We describe SCONE, a secure container mechanism for Docker that uses the SGX trusted execution support of Intel CPUs to protect container processes from outside attacks. The design of SCONE leads to (i) a small trusted computing base (TCB) and (ii) a low performance overhead: SCONE offers a secure C standard library interface that transparently encrypts/decrypts I/O data; to reduce the performance impact of thread synchronization and system calls within SGX enclaves, SCONE supports user-level threading and asynchronous system calls. Our evaluation shows that it protects unmodified applications with SGX, achieving 0.6x-1.2x of native throughput.

URL: https://zenodo.org/record/163059

5.2 Journal Publications

IEEE Security & Privacy, vol. 14, no. 6, pp. 86-89, Nov.-Dec. 2016. doi: 10.1109/MSP.2016.129

Title: “Building Critical Applications Using Microservices”

Authors: C. Fetzer

Abstract: Safeguarding the correctness of critical software is a grand challenge. A microservice-based system is described that builds trustworthy systems on top of legacy hardware and software components, ensuring microservices’ integrity, confidentiality, and correct execution with the help of secure enclaves.

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7782696&isnumber=7782693

5.3 Submitted Papers

Title: “Teechan: Payment Channels Using Trusted Execution Environments”

Authors: J. Lind, I. Eyal, P. Pietzuch, and E. G. Sirer

Abstract: Blockchain protocols are inherently limited in transaction throughput and latency. Recent efforts to address these performance metrics and scale blockchains have focused on off-chain payment channels. While such channels can achieve low latency and high throughput, deploying them securely on top of the Bitcoin blockchain has been difficult, partly because building a secure and robust implementation requires changes to the underlying protocol as well as the overall ecosystem. We present Teechan, a full-duplex payment channel framework that exploits trusted execution environments. Teechan can be deployed securely on the existing Bitcoin blockchain without having to modify the protocol. Teechan: (i) achieves a higher transaction throughput and lower transaction latency than prior solutions; (ii) enables unlimited full-duplex payments as long as the balance does not exceed the channel's credit; (iii) requires only a single message to be sent per payment in any direction; and (iv) places only two transactions on the blockchain under any execution scenario. We have built and deployed the Teechan framework using Intel SGX on the Bitcoin network. Our experiments show that Teechan can achieve 2,480 transactions per second on a single channel, with sub-millisecond latency.

URL: https://arxiv.org/abs/1612.07766

6 Project Meetings

During the project meetings the project status was evaluated and subgroup meetings on specific topics were held. Through these sessions other projects for potential collaborations were selected.

6.1 January 2016 Kick-Off Meeting (KOM) - Champery (CH)

The SecureCloud Kick-Off Meeting (KOM) took place in Champery (CH) on January 25, 2016.

The objective of the kick-off meeting was to make all members aware of the project objectives, assumptions, constraints, deliverables, challenges, methodologies, procedures, plans, and working environment. All project partners have understood the project objectives well. This helped them to start the project more efficiently.

6.2 May 2016 Meeting - Dresden (DE)

The first SecureCloud Plenary Meeting took place in Dresden (DE) on May 25, 2016.

6.3 October 2016 Plenary Meeting - Procida (IT)

The second Plenary Meeting was held on October 4-6, 2016 at the “La Tonnara Hotel” in Procida, Italy. During this meeting each technological provider highlighted the results achieved in the development of the components that will be used for the implementation of the SecureCloud platform.

Figure 6.1: October 2016 Plenary Meeting in Procida (IT)

7 Conclusions

The document described the communication channels and the dissemination and clustering activities performed by SecureCloud partners during the first twelve months of project activity. The consortium has implemented all the actions that had been planned in the DoA, according to the schedule. This has enabled the consortium to inform a wide audience - consisting of a variety of stakeholders - about major project results and achievements. The SecureCloud project has also collaborated with other projects, funded by the EU or by the Brazilian government, targeting issues that are closely related or complementary to the SecureCloud workplan. This has resulted in synergies and in the organization of two joint workshops, namely: the 1st Workshop on System Software for Trusted Execution (SysTEX 2016) and the International Workshop On Assured Cloud Computing And QoS Aware Big Data (to be held in the next reporting period). The security framework proposed by the project has also been presented, both at public events and to selected audiences by means of demos and/or seminars.

A variety of dissemination channels have been used, including: the project Web site (mainly meant for the public at large), newsletters (providing highlights on specific aspects, achievements or events), social network accounts (to implement proactive dissemination), a project mailing list feature (targeting registered users), and gitlab support (for facilitating cooperative work among project partners).

Project technical meetings were very productive, since they included both plenary sessions and sub-group meetings on specific issues/activities. As to collaboration, the approach taken by SecureCloud was to select a few projects with which to engage in joint activities (as opposed to implementing shallow interactions with a multitude of projects whose scope was loosely connected to the core interests of SecureCloud). The selection was done based on two criteria: 1) the commonality and complementarity of the topics addressed, and 2) the availability of direct connections with SecureCloud PIs.

As to publications, ten have already been accepted, and several that have already been submitted are currently under evaluation. The list of published papers is available on the project Web site. For each paper, the abstract is also available, along with the complete bibliographical information, so as to allow interested readers to get hold of the full contents (on the publisher’s web site or elsewhere).

The plan for the next period is basically to consolidate the results achieved so far, and to implement the remaining actions.
