P03
Using Intel SGX for Streaming Applications

CLOUD COMPUTING
• Pay what you use
• No setup or maintenance costs
• Scalable for as much as needed
• Ease of use and maintenance for tenants

SECURITY IN THE CLOUD
Fully Homomorphic Encryption is best
• Too slow
• Not practical

STREAM PROCESSING SYSTEMS
Stream processing is used to analyze continuous streams of data such as tweets or stock market information. It differs from batch systems (such as MapReduce).
Stream processing systems are:
• Designed for continuous streams of traffic
• Producing results regularly
• Low latency processing
• Long-lived jobs

DESIGN PRINCIPLES
Performance:
• Minimize the number of enclave calls
• Minimize the data needed to be passed through the enclave
• Minimize encryption overheads
Security:
• Minimize the trusted code base
• Loading code and data requires enclave attestation
• Provide data integrity
• Access pattern attacks are prevalent and must be avoided
• Seal and encrypt the data and possibly parts of the code

KEY-BASED GROUPING
Key-based grouping is used to calculate aggregate statistics in stream processing systems. It forces all the values associated with the same key to go to the same instance of a bolt, so there is a one-to-one relationship between a key and the instance that handles it. This behavior can leak information. We will compare different techniques using adversarial advantage: the ratio of the adversary's accuracy with knowledge of network access patterns to the adversary's accuracy with random guessing. The techniques are:
broadcast | multicast | load-balancing | round-robin | random | key-based
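
The adversarial-advantage metric described above can be estimated with a small simulation. This is an added example, not code from the poster: the vocabulary, the four bolt instances, the CRC32 routing hash, the uniform key distribution and an adversary who sees only the destination instance of each tuple are all assumptions.

```python
import random
import zlib
from collections import Counter

# Constructed sample vocabulary for a word count topology (not from the poster).
WORDS = ["alpha", "bravo", "charlie", "delta", "echo", "foxtrot", "golf", "hotel",
         "india", "juliet", "kilo", "lima", "mike", "november", "oscar", "papa"]
N_INSTANCES = 4  # assumed number of downstream bolt instances


def key_based(key, seq, rng):
    # The same key always reaches the same instance (stable hash, assumed CRC32).
    return zlib.crc32(key.encode()) % N_INSTANCES


def round_robin(key, seq, rng):
    # Destination depends only on the tuple's position in the stream.
    return seq % N_INSTANCES


def random_grouping(key, seq, rng):
    # Destination is drawn independently of the key.
    return rng.randrange(N_INSTANCES)


def adversarial_advantage(route, n_tuples=40000, seed=1):
    """Accuracy of guessing a tuple's key from its destination instance,
    divided by the accuracy of guessing uniformly at random (1/len(WORDS))."""
    rng = random.Random(seed)
    joint = Counter()  # (instance, key) -> number of tuples observed
    for seq in range(n_tuples):
        key = rng.choice(WORDS)
        joint[(route(key, seq, rng), key)] += 1
    # Best-case adversary: for each instance, always guess its most frequent key.
    best = Counter()
    for (inst, _key), count in joint.items():
        best[inst] = max(best[inst], count)
    informed_accuracy = sum(best.values()) / n_tuples
    return informed_accuracy / (1 / len(WORDS))


if __name__ == "__main__":
    for name, route in [("key-based", key_based), ("round-robin", round_robin),
                        ("random", random_grouping)]:
        print(f"{name:12s} advantage = {adversarial_advantage(route):.2f}")
```

An advantage near 1 means the routing pattern tells the observer nothing beyond random guessing; key-based grouping scores well above 1 because each instance only ever receives its own subset of keys.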

OVERHEADS
To measure overheads, we orchestrated an experimental stream processing system modeled after Apache Storm abstractions. We implemented a scalable distributed word count application.
Three versions of the application are evaluated:
• Native application
• Enclaved version w/o encryption
• Enclaved version w/ encryption