Secure Tera-scale Data Crunching with a Small TCB

Title: Secure Tera-scale Data Crunching with a Small TCB
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Vavala, B., Neves, N., Steenkiste, P.
Conference Name: 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Keywords: cloud computing, composability, cryptography, data handling, Hardware, hypervisor, Intel SGX, large state on a generic trusted component, large-scale data, LASTGT system, Libraries, Memory management, Metrics, Outsourced Database Integrity, pubcrawl, Resiliency, secure execution, secure virtual memory, security of data, self-contained services, tera-scale data crunching, Trusted Computing, trusted computing base, trusted hardware, virtual memory, virtual storage

Outsourcing services to third-party providers comes with a high security cost: to fully trust the providers. Using trusted hardware can help, but current trusted execution environments do not adequately support services that process very large scale datasets. We present LASTGT, a system that bridges this gap by supporting the execution of self-contained services over a large state, with a small and generic trusted computing base (TCB). LASTGT uses widely deployed trusted hardware to guarantee integrity and verifiability of the execution on a remote platform, and it securely supplies data to the service through simple techniques based on virtual memory. As a result, LASTGT is general and applicable to many scenarios such as computational genomics and databases, as we show in our experimental evaluation based on an implementation of LASTGT on a secure hypervisor. We also describe a possible implementation on Intel SGX.

Citation Key: vavala_secure_2017