| dc.contributor.advisor | Johansen, Dag | |
| dc.contributor.author | Gjerdrum, Anders Tungeland | |
| dc.date.accessioned | 2020-10-15T12:33:05Z | |
| dc.date.available | 2020-10-15T12:33:05Z | |
| dc.date.issued | 2020-10-30 | |
| dc.description.abstract | Cloud computing offers the convenience of outsourcing storage and processing power to a public shared environment. Physical infrastructure is managed by the cloud provider, allowing hosted services to be deployed without any upfront investment. Cloud infrastructure may additionally manage deployment, migration, scalability, and fault tolerance, transparently from the hosted service. Serverless computing, and more specifically Functions-as-a-Service, is a natural continuation of this trend, narrowing the computational scope down to individually deployable cloud functions, which are scalable and billable on demand.
Contemporary cloud services require that sensitive data such as user identifiable information be protected from unauthorized access. However, a conventional cloud security threat models assumes that the underlying public cloud infrastructure can be trusted. Physical attacks on server hardware conducted by an unfaithful employee may compromise the entire software stack. Moreover, a compromised operating system or hypervisor may directly inspect information in less privileged execution contexts.
Dedicated hardware such as Trusted Execution Environments (TEE) mitigate such attacks by enabling privileged application containers, protected from inspection by the untrusted underlying system. Intel SGX introduces one such hardware system implementing support for hosting secure segments of code and data (enclaves) on commodity x86-64 platforms. Enclaves may be attested remotely, however the attestation evidence is limited to the enclave’s initial state. SGX is considered feature rich compared to similar TEEs, however, the threat model of SGX leads to some architectural intrinsics which may impact the runtime performance.
This thesis present the design and implementation of Diggi; an efficient trusted cloud function runtime implemented in SGX. Diggi enables the development of secure applications, composed of multiple persistent and accountable cloud functions which may be jointly authenticated through co-attestation. We demonstrate that the design of Diggi is practical, and additionally, that it reduces the overhead of SGX compared with standard runtime execution techniques. We further demonstrate the applicability of Diggi by implementing two pseudo- real application workloads demonstrating a database management system and a machine learning inference pipeline on top of the Diggi runtime. | en_US |
| dc.description.doctoraltype | ph.d. | en_US |
| dc.description.sponsorship | I would like to thank UiT: The Arctic University of Norway, for hosting me and funding my research for the last 4 years. | en_US |
| dc.identifier.isbn | 978-82-8236-410-2 (trykt), 978-828236-411-9 (PDF) | |
| dc.identifier.uri | https://hdl.handle.net/10037/19607 | |
| dc.language.iso | eng | en_US |
| dc.publisher | UiT Norges arktiske universitet | en_US |
| dc.publisher | UiT The Arctic University of Norway | en_US |
| dc.relation.haspart | <p>Paper I: Gjerdrum, A.T., Johansen, H.D. & Johansen, D. (2016). Implementing Informed Consent as Information-Flow Policies for Secure Analytics on eHealth Data: Principles and Practices. <i>IEEE First International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE) </i> (p. 107-112). Washington, DC: IEEE. Published version not available in Munin due to publisher’s restrictions. Published version available at <a href=https://doi.org/10.1109/CHASE.2016.39>https://doi.org/10.1109/CHASE.2016.39</a>.
<p>Paper II: Gjerdrum, A.T., Pettersen, R., Johansen H. D. & Johansen, D. (2017). Performance of Trusted Computing in Cloud Infrastructures with Intel SGX. <i>Proceedings of the 7th International Conference on Cloud Computing and Services Science (CLOSER 2017)</i> (p. 668-675). SCITEPRESS. Also available at <a href=https://doi.org/10.5220/0006373706960703> https://doi.org/10.5220/0006373706960703</a>.
<p>Paper III: Gjerdrum A.T., Pettersen R., Johansen H.D., Johansen D. (2018). Performance Principles for Trusted Computing with Intel SGX. In: Ferguson D., Muñoz V., Cardoso J., Helfert M. & Pahl C. (Eds), <i>Cloud Computing and Service Science. CLOSER 2017. Communications in Computer and Information Science, vol 864</i> (p. 1-18). Cham: Springer. Also available at <a href=https://doi.org/10.1007/978-3-319-94959-8_1>https://doi.org/10.1007/978-3-319-94959-8_1</a>. Accepted manuscript version available in Munin at <a href=https://hdl.handle.net/10037/14666>https://hdl.handle.net/10037/14666</a>.
<p>Paper IV: Birrell, E., Gjerdrum, A., van Renesse, R., Johansen, H., Johansen, D. & Schneider, F.B. (2018). SGX Enforcement of Use-Based Privacy. <i>Proceedings of the 2018 Workshop on Privacy in the Electronic Society (WPES'18)</i> (p. 155–167). New York, NY, USA: Association for Computing Machinery. Also available at <a href=https://doi.org/10.1145/3267323.3268954> https://doi.org/10.1145/3267323.3268954</a>.
<p>Paper V: Gjerdrum, A.T., Johansen, H.D., Brenna, L. & Johansen, D. (2019). Diggi: A Secure Framework for Hosting Native Cloud Functions with Minimal Trust. <i>2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)</i> (p. 18-27). Los Angeles, CA, USA: IEEE. Published version not available in Munin due to publisher’s restrictions. Published version available at <a href=https://doi.org/10.1109/TPS-ISA48467.2019.00012>https://doi.org/10.1109/TPS-ISA48467.2019.00012</a>. | en_US |
| dc.rights.accessRights | openAccess | en_US |
| dc.rights.holder | Copyright 2020 The Author(s) | |
| dc.subject.courseID | DOKTOR-004 | |
| dc.subject | VDP::Mathematics and natural science: 400::Information and communication science: 420::Security and vulnerability: 424 | en_US |
| dc.subject | VDP::Matematikk og Naturvitenskap: 400::Informasjons- og kommunikasjonsvitenskap: 420::Sikkerhet og sårbarhet: 424 | en_US |
| dc.title | Diggi: A Distributed Serverless Runtime for Developing Trusted Cloud Services | en_US |
| dc.type | Doctoral thesis | en_US |
| dc.type | Doktorgradsavhandling | en_US |
English
norsk
