Show simple item record

dc.contributor.advisorBrenna, Lars
dc.contributor.advisorGjerdrum, Anders
dc.contributor.advisorJohansen, Håvard
dc.contributor.authorHoff, Helge
dc.date.accessioned2018-07-02T12:37:43Z
dc.date.available2018-07-02T12:37:43Z
dc.date.issued2018-06-01
dc.description.abstractCaching services are vital for the performance of large-scale web services running in the cloud. However, placing sensitive data in caching services, implicitly includes all components of the cloud infrastructure that can be exploited. Therefore, end-users place their trust in the entire security stack of their service providers. In order to achieve confidentiality and integrity of sensitive data residing in cache services, the cloud infrastructure must be removed from the set of trusted components. This has led to a wide adoption of hardware-assisted Trusted Execution Environments (TEEs), protecting user-level software from higher-privileged system software. The capabilities of TEEs do not support running legacy applications out-of-the-box. Many prominent frameworks for tees have been developed to achieve applicability through providing common programming abstractions. However, these frameworks focus on providing native Linux services for tees, which increases the probability for a trusted software component to be exploited. Diggi is one such framework, utilizing Intel’s Software Guard Extension (SGX) trusted computing infrastructure to provide secure execution. Diggi differs from other framework for tees by implementing simplified abstraction for creating distributed cloud applications. Moreover, by employing logically separated tasks split into multiple units of application code, Diggi allows moving parts of the application code and data into a tee, like, for instance, a caching service. This allows to drastically reduce the set of trusted components in a system, and only include the parts that require strong security guarantees. This thesis describes the introduction of a modified memcached implementation, called SecureCached, to the Diggi framework. We demonstrate the feasibility of having a distributed cache deployed in a trusted execution environment.en_US
dc.identifier.urihttps://hdl.handle.net/10037/13116
dc.language.isoengen_US
dc.publisherUiT Norges arktiske universiteten_US
dc.publisherUiT The Arctic University of Norwayen_US
dc.rights.accessRightsopenAccessen_US
dc.rights.holderCopyright 2018 The Author(s)
dc.rights.urihttps://creativecommons.org/licenses/by-nc-sa/3.0en_US
dc.rightsAttribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0)en_US
dc.subject.courseIDINF-3981
dc.subjectVDP::Teknologi: 500::Informasjons- og kommunikasjonsteknologi: 550::Datateknologi: 551en_US
dc.subjectVDP::Technology: 500::Information and communication technology: 550::Computer technology: 551en_US
dc.titleSecureCached. Secure caching with the Diggi framework.en_US
dc.typeMaster thesisen_US
dc.typeMastergradsoppgaveen_US


File(s) in this item

Thumbnail
Thumbnail

This item appears in the following collection(s)

Show simple item record

Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0)
Except where otherwise noted, this item's license is described as Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0)