Obliviate: A Data Oblivious File System for Intel SGX. Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee

Size: px
Start display at page:

Download "Obliviate: A Data Oblivious File System for Intel SGX. Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee"

Transcription

1 Obliviate: A Data Oblivious File System for Intel SGX Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee 1

2 Clouds? The Ultimate Dream? User Clouds 2

3 Clouds? The Ultimate Dream? User Clouds 2

4 Clouds? The Ultimate Dream? Hmm, SGX?? User Clouds 2

5 Clouds? The Ultimate Dream? Hmm, SGX?? User Clouds 2

6 Clouds? The Ultimate Dream? Hmm, SGX?? User Clouds 2

7 Clouds? The Ultimate Dream? Hmm, SGX?? Thanks, SGX?! User Clouds 2

8 Clouds? The Ultimate Dream? Hmm, SGX?? Thanks, SGX?! The real world is a bit more complicated! User Clouds 2

9 The sorcery behind SGX Program s Address Space 3

10 The sorcery behind SGX Trusted execution region Confidentiality and integrityprotected Enclave Non- Enclave Program s Address Space 3

11 The sorcery behind SGX Trusted execution region Confidentiality and integrityprotected Enclave Restricted by the processor Non- Enclave System Components Program s Address Space 3

12 Possible SGX File Systems Disk 4

13 Possible SGX File Systems Enclaves are ring-3 Disk 4

14 Possible SGX File Systems Enclaves are ring-3 Rely on OS for ring-0 ops Operating System Disk 4

15 Possible SGX File Systems Enclaves are ring-3 Rely on OS for ring-0 ops Operating System 1. open( a.txt ); 2. read(2, 0x1000, 4096); 3.. Disk 4

16 Possible SGX File Systems Enclaves are ring-3 Rely on OS for ring-0 ops Operating System 1. open( a.txt ); 2. read(2, 0x1000, 4096); 3.. Allow OS to handle file buffer (native) Disk 4

17 Possible SGX File Systems Enclaves are ring-3 Buffer the file within the enclave (in-memory) Rely on OS for ring-0 ops Operating System 1. open( a.txt ); 2. read(2, 0x1000, 4096); 3.. Allow OS to handle file buffer (native) Disk 4

18 Side-channel attacks against in-memory FS Enclave Data.txt Operating System Page table attacks against SGX [S&P14, SEC17] Cache attacks against SGX [DIMVA17, WOOT17, EuroSec17] 5

19 Side-channel attacks against in-memory FS Page Table Enclave Access Frame # 0 0x1000 Accessed by the enclave Data.txt 0 0x x x x1004 Operating System Page table attacks against SGX [S&P14, SEC17] Cache attacks against SGX [DIMVA17, WOOT17, EuroSec17] 5

20 Side-channel attacks against in-memory FS Page Table Enclave Access Frame # 01 0x1000 Accessed by the enclave Data.txt 0 0x x x x1004 Operating System Page table attacks against SGX [S&P14, SEC17] Cache attacks against SGX [DIMVA17, WOOT17, EuroSec17] 5

21 Side-channel attacks against in-memory FS Accessed by the enclave Enclave Data.txt Page table attacks against SGX [S&P14, SEC17] Page Table Access Frame # 01 0x x x x x1004 Cache cache-set 0 cache-set 1 cache-set 2 cache-set 3 Operating System Cache attacks against SGX [DIMVA17, WOOT17, EuroSec17] 5

22 Side-channel attacks against in-memory FS Accessed by the enclave Enclave Data.txt Page table attacks against SGX [S&P14, SEC17] Page Table Access Frame # 01 0x x x x x1004 Cache cache-set 0 cache-set 1 cache-set 2 cache-set 3 Operating System Cache attacks against SGX [DIMVA17, WOOT17, EuroSec17] 5

23 Case Study: Attacking SQlite Doctor Cloud 6

24 Case Study: Attacking SQlite Doctor attempts to access a patient s history Doctor Cloud 6

25 Case Study: Attacking SQlite Doctor attempts to access a patient s history Query1: Bob s heart history Doctor Query2: Alice s heart history Cloud 6

26 Case Study: Attacking SQlite Doctor attempts to access a patient s history Query1: Bob s heart history Doctor Query2: Alice s heart history Cloud SGX-protected SQLite 6

27 Case Study: Attacking SQlite Doctor attempts to access a patient s history Name Heart condition Lungs Condition Query1: Bob s heart history Doctor Query2: Alice s heart history Cloud SGX-protected SQLite 6

28 What the attacker sees? Name med.db Heart condition Lung Condition Bob Alice Eve

29 What the attacker sees? Query1: Bob s heart history Name med.db Heart condition Lung Condition Bob Alice Eve

30 What the attacker sees? Query1: Bob s heart med.db Syscall Snooping Attack history 1. open( med.db,..); Name Bob Heart condition Lung Condition 2. pread64(,4096,0); 3. pread64(,4096,4096); 4. pread64(,4096,32768); Alice Eve

31 Address What the attacker sees? Query1: Bob s heart med.db Syscall Snooping Attack history 1. open( med.db,..); Name Bob Heart condition Lung Condition 2. pread64(,4096,0); 3. pread64(,4096,4096); 4. pread64(,4096,32768); Page Table Attack Alice Eve Time

32 Address What the attacker sees? Query1: Bob s heart med.db Syscall Snooping Attack history 1. open( med.db,..); Name Bob Heart condition Lung Condition 2. pread64(,4096,0); 3. pread64(,4096,4096); 4. pread64(,4096,32768); Page Table Attack Query1 Alice Eve Time

33 Address What the attacker sees? Query1: Bob s heart med.db Syscall Snooping Attack history 1. open( med.db,..); Name Bob Heart condition Lung Condition 2. pread64(,4096,0); 3. pread64(,4096,4096); 4. pread64(,4096,32768); Page Table Attack Alice Query2: Alice s heart history Eve Time

34 Address What the attacker sees? Query1: Bob s heart med.db Syscall Snooping Attack history 1. open( med.db,..); Name Bob Heart condition Lung Condition 2. pread64(,4096,0); 3. pread64(,4096,4096); 4. pread64(,4096,32768); Page Table Attack Query2: Alice s heart history Alice Eve 1. open( med.db,..); 2. pread64(,4096,0); 3. pread64(,4096,4096); 4. pread64(,4096,40960); Time

35 Address What the attacker sees? Query1: Bob s heart med.db Syscall Snooping Attack history 1. open( med.db,..); Name Bob Heart condition Lung Condition 2. pread64(,4096,0); 3. pread64(,4096,4096); 4. pread64(,4096,32768); Page Table Attack Query2 Query2: Alice s heart history Alice Eve 1. open( med.db,..); 2. pread64(,4096,0); 3. pread64(,4096,4096); 4. pread64(,4096,40960); Time

36 Address What the attacker sees? Query1: Bob s heart med.db Syscall Snooping Attack history 1. open( med.db,..); Heart Lung Name 2. pread64(,4096,0); condition Condition 3. pread64(,4096,4096); 4. pread64(,4096,32768); Predictable access patterns in file operations leak Bob Query2: Alice s heart history Alice Eve sensitive information! 1. open( med.db,..); 2. pread64(,4096,0); 3. pread64(,4096,4096); 4. pread64(,4096,40960); Page Table Attack Query2 Time

37 What should we do? 8

38 What should we do? Masking individual memory side-channels is risky 8

39 What should we do? Masking individual memory side-channels is risky Memory side-channels rely on predictable access patterns 8

40 What should we do? Masking individual memory side-channels is risky Memory side-channels rely on predictable access patterns How to provide strong protection despite memory traces? 8

41 What should we do? Masking individual memory side-channels is risky Memory side-channels rely on predictable access patterns How to provide strong protection despite memory traces? Oblivious RAM is one possible solution to this problem 8

42 Oblivious RAM User s goal: Securely access data stored in the cloud Attacker s goal: Figure out what data-block is being accessed A B C D E F User Clouds 9

43 Path ORAM Improved variant of Oblivious RAM [Stephanov et. al, CCS12] stores position of block stores acquired blocks Position Map A 00 B 01 C 10 D 11 Stash d ORAM Tree d 0 1 A B d D C holds encrypted real blocks and dummy blocks d dummy A Legend real Client Server 10

44 11

45 11

46 OBLIVIATE! 11

47 OBLIVIATE! 11

48 Obliviate: memory charm against the OS Application Enclave Filesystem Enclave Obliviate Disk 12

49 Obliviate: memory charm against the OS Application Enclave Filesystem Enclave Obliviate ORAM Trees C A B D (Init) load all files into ORAM Tree(s) Disk 12

50 Obliviate: memory charm against the OS Application Enclave Filesystem Enclave 1. FS Syscall Interceptor Obliviate Trusted Proxy ORAM Trees C A B D Disk 12

51 Obliviate: memory charm against the OS Application Enclave Filesystem Enclave Obliviate Trusted Proxy ORAM Trees 2. Encrypted Channel C A B D Disk 12

52 Obliviate: memory charm against the OS Application Enclave 3. Data Oblivious Metadata Handling Filesystem Enclave Obliviate Trusted Proxy ORAM Trees C A B D Disk 12

53 Obliviate: memory charm against the OS Application Enclave Filesystem Enclave Obliviate 4. Asynchronous ORAM Operation Trusted Proxy ORAM Trees C A B D Disk 12

54 Obliviate: memory charm against the OS Application Enclave Filesystem Enclave Obliviate Trusted Proxy ORAM Trees C A B D 5. Extended Secure Region Disk 12

55 Decoupling file system support Application Enclaves Obliviate Disk 13

56 Decoupling file system support Application Enclaves Obliviate Pass all FS syscalls using encrypted channel Disk 13

57 Decoupling file system support Application Enclaves Obliviate Allow Obliviate to worry about securing file access Pass all FS syscalls using encrypted channel Disk 13

58 Decoupling file system support Application Enclaves Obliviate Allow Obliviate to worry about securing file access Separation of functions facilitates development! Pass all FS syscalls using encrypted channel Disk 13

59 Legacy application support Application 14

60 Legacy application support Application Intercept FS syscalls and encrypt Trusted Proxy 14

61 Legacy application support Application Intercept FS syscalls and encrypt Exit-less message queue (SCONE [OSDI16], ELEOS [EuroSys17]) Trusted Proxy Oblivate Disk 14

62 Legacy application support Application Intercept FS syscalls and encrypt No changes from the app developer! Trusted Proxy Oblivate Exit-less message queue (SCONE [OSDI16], ELEOS [EuroSys17]) Disk 14

63 Securing ORAM Obliviate Application Disk 15

64 Securing ORAM Application Obliviate ORAM client Position Map Stash Need to store metadata in enclave Disk 15

65 Securing ORAM Obliviate Application ORAM client Position Map Stash Obliviate s enclave is not side-channel free Disk 15

66 Securing ORAM Obliviate Application ORAM client Position Map Stash Position Map Disk 15

67 Securing ORAM Obliviate Application ORAM client Position Map Stash Position Map Load from index Disk 15

68 Securing ORAM Obliviate Last-Level Cache cache-set 0 Application ORAM client Position Map cache-set 1 cache-set 2 cache-set 3 Position Map Stash Page Table Access Frame # 0 0x x x x1003 Disk 15

69 Securing ORAM Application Obliviate ORAM client Position Map Last-Level Cache cache-set 0 cache-set 1 cache-set 2 cache-set 3 Use Conditional Move (CMOV) Position Map Stash Page Table Access Frame # 0 0x x x x1003 Disk 15

70 Securing ORAM Application Obliviate ORAM client Position Map Last-Level Cache cache-set 0 cache-set 1 cache-set 2 cache-set 3 Use Conditional Move (CMOV) Position Map Stash Page Table Access Frame # 10 0x x x x1003 Disk 15

71 Securing ORAM Application Obliviate ORAM client Position Map Last-Level Cache cache-set 0 cache-set 1 cache-set 2 cache-set 3 Use Conditional Move (CMOV) Position Map Stash Page Table Access Frame # 10 0x x1001 Disk 10 0x x1003 The attacker cannot distinguish CMOV from MOV 15

72 Securing ORAM Application Obliviate ORAM client Last-Level Cache cache-set 0 cache-set 1 cache-set 2 Use Conditional Move (CMOV) cache-set 3 Side-channel resistant ORAM implementation! Position Map Position Map Stash Page Table Access Frame # 10 0x x1001 Disk 10 0x x1003 The attacker cannot distinguish CMOV from MOV 15

73 Extending Enclave Memory Obliviate Disk 16

74 Extending Enclave Memory Obliviate Large enclaves degrade performance Program EPC Physical Memory Disk 16

75 Extending Enclave Memory Metadata (small) inside enclave Obliviate ORAM Client Position Map Stash Encrypted ORAM Trees Program EPC Physical Memory Large enclaves degrade performance ORAM Trees (large) outside enclave C A B D Disk 16

76 Metadata (small) inside enclave Extending Enclave Memory Obliviate ORAM Client Position Map Program EPC Physical Memory Large enclaves degrade performance Encrypted ORAM Stash trees outside enclave! Encrypted ORAM Trees ORAM Trees (large) outside enclave C A B D Disk 16

77 Leveraging asynchronicity Application Obliviate Communication Thread Operation Thread Encrypted ORAM Trees C A B D Disk 17

78 Leveraging asynchronicity Application Obliviate (a) read(1, 0x18289, 4096) Communication Thread Operation Thread Encrypted ORAM Trees C A B D Disk 17

79 Leveraging asynchronicity Application Obliviate (a) read(1, 0x18289, 4096) Communication Thread Operation Thread (b) Read(A) Encrypted ORAM Trees C A B D Disk 17

80 Leveraging asynchronicity Application Obliviate (a) read(1, 0x18289, 4096) (c) Reply to the request Communication Thread Operation Thread (b) Read(A) Encrypted ORAM Trees (c) Write-back(A) C A B D Disk 17

81 Leveraging asynchronicity Application Obliviate (a) read(1, 0x18289, 4096) Communication Thread Perform Asynchronous ORAM Operation write-back! Thread (c) Reply to the request (b) Read(A) Encrypted ORAM Trees (c) Write-back(A) C A B D Disk 17

82 Implementation 1. Obliviate runs using Intel SGX SDK Library 2. Graphene-SGX integration to run heavyweight applications, e.g., SQLite and Lighttpd 18

83 Performance Evaluation Evaluated filesystems: 1. Native Filesystem (Non-SGX) 2. In-memory Filesystem (SGX, based on Graphene-SGX) 3. Obliviate (SGX, based on Intel SGX SDK) 19

84 Iozone Benchmarks M 128M 512M 1G Native FS In-memory FS Obliviate M 128M 512M 1G Native FS In-memory FS Obliviate a) Sequential Reads (Bytes/sec) b) Sequential Writes (Bytes/sec) 20

85 Iozone Benchmarks x overhead over the in-memory FS M 128M 512M 1G Native FS In-memory FS Obliviate 1 2M 128M 512M 1G Native FS In-memory FS Obliviate a) Sequential Reads (Bytes/sec) b) Sequential Writes (Bytes/sec) 20

86 Iozone Benchmarks 2-3x overhead over the in-memory FS In-memory FS exerts a lot of pressure on EPC 1 2M 128M 512M 1G Native FS In-memory FS Obliviate 1 2M 128M 512M 1G Native FS In-memory FS Obliviate a) Sequential Reads (Bytes/sec) b) Sequential Writes (Bytes/sec) 20

87 Comparable performance for smaller file sizes Iozone Benchmarks 2-3x overhead over the in-memory FS In-memory FS exerts a lot of pressure on EPC 1 2M 128M 512M 1G Native FS In-memory FS Obliviate 1 2M 128M 512M 1G Native FS In-memory FS Obliviate a) Sequential Reads (Bytes/sec) b) Sequential Writes (Bytes/sec) 20

88 Macro-Benchmarks INSERT SELECT 100 1K 16K 128K 1M In-memory FS Obliviate In-memory FS Obliviate a) SQLite Response Times (milli-sec) b) Lighttpd Throughput (Req/s) 21

89 2500 Macro-Benchmarks ~2x overhead over in-memory FS INSERT SELECT 100 1K 16K 128K 1M In-memory FS Obliviate In-memory FS Obliviate a) SQLite Response Times (milli-sec) b) Lighttpd Throughput (Req/s) 21

90 Conclusion 22

91 Conclusion 1. All existing SGX filesystems are vulnerable to side-channels 22

92 Conclusion 1. All existing SGX filesystems are vulnerable to side-channels 2. File system operations can leak sensitive information about program execution. 22

93 Conclusion 1. All existing SGX filesystems are vulnerable to side-channels 2. File system operations can leak sensitive information about program execution. 3. Obliviate provides theoretically-strong defense against sidechannels. 22

94 Conclusion 1. All existing SGX filesystems are vulnerable to side-channels 2. File system operations can leak sensitive information about program execution. 3. Obliviate provides theoretically-strong defense against sidechannels. Opensource: Contact: 22

95 Thanks! Merci! Shukriya! 23

96 Extra Slides 24

97 Securing file system 25

98 Securing file system c a b d 25

99 Securing file system c Single ORAM Tree protects file offset a b d 25

100 Securing file system c Single ORAM Tree protects file offset a b d a b d c Hierarchical ORAM Trees can protect files a b d c c c c c a b d a b d a b d a b d 25

101 Securing file system c Single ORAM Tree protects file offset c a b d Protect both file and file offset! c a b d Hierarchical ORAM Trees can protect files a b d c c c c a b d a b d a b d a b d 25

SGXBounds Memory Safety for Shielded Execution

SGXBounds Memory Safety for Shielded Execution SGXBounds Memory Safety for Shielded Execution Dmitrii Kuvaiskii, Oleksii Oleksenko, Sergei Arnautov, Bohdan Trach, Pramod Bhatotia *, Pascal Felber, Christof Fetzer TU Dresden, * The University of Edinburgh,

More information

Graphene-SGX. A Practical Library OS for Unmodified Applications on SGX. Chia-Che Tsai Donald E. Porter Mona Vij

Graphene-SGX. A Practical Library OS for Unmodified Applications on SGX. Chia-Che Tsai Donald E. Porter Mona Vij Graphene-SGX A Practical Library OS for Unmodified Applications on SGX Chia-Che Tsai Donald E. Porter Mona Vij Intel SGX: Trusted Execution on Untrusted Hosts Processing Sensitive Data (Ex: Medical Records)

More information

Eleos: Exit-Less OS Services for SGX Enclaves

Eleos: Exit-Less OS Services for SGX Enclaves Eleos: Exit-Less OS Services for SGX Enclaves Meni Orenbach Marina Minkin Pavel Lifshits Mark Silberstein Accelerated Computing Systems Lab Haifa, Israel What do we do? Improve performance: I/O intensive

More information

Varys. Protecting SGX Enclaves From Practical Side-Channel Attacks. Oleksii Oleksenko, Bohdan Trach. Mark Silberstein

Varys. Protecting SGX Enclaves From Practical Side-Channel Attacks. Oleksii Oleksenko, Bohdan Trach. Mark Silberstein Varys Protecting SGX Enclaves From Practical Side-Channel Attacks Oleksii Oleksenko, Bohdan Trach Robert Krahn, Andre Martin, Christof Fetzer Mark Silberstein Key issue of the cloud: We cannot trust it

More information

SCONE: Secure Linux Container Environments with Intel SGX

SCONE: Secure Linux Container Environments with Intel SGX SCONE: Secure Linux Container Environments with Intel SGX S. Arnautov, B. Trach, F. Gregor, Thomas Knauth, and A. Martin, Technische Universität Dresden; C. Priebe, J. Lind, D. Muthukumaran, D. O'Keeffe,

More information

Memory Defenses. The Elevation from Obscurity to Headlines. Rajeev Balasubramonian School of Computing, University of Utah

Memory Defenses. The Elevation from Obscurity to Headlines. Rajeev Balasubramonian School of Computing, University of Utah Memory Defenses The Elevation from Obscurity to Headlines Rajeev Balasubramonian School of Computing, University of Utah Image sources: pinterest, gizmodo 2 Spectre Overview Victim Code x is controlled

More information

SGX Enclave Life Cycle Tracking TLB Flushes Security Guarantees

SGX Enclave Life Cycle Tracking TLB Flushes Security Guarantees CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 3b SGX Enclave Life Cycle Tracking TLB Flushes Security Guarantees Slide deck extracted from Kamran s tutorial on SGX and Chenglu s security analysis

More information

A Comparison Study of Intel SGX and AMD Memory Encryption Technology

A Comparison Study of Intel SGX and AMD Memory Encryption Technology A Comparison Study of Intel SGX and AMD Memory Encryption Technology Saeid Mofrad, Fengwei Zhang Shiyong Lu Wayne State University {saeid.mofrad, Fengwei, Shiyong}@wayne.edu Weidong Shi (Larry) University

More information

A HIGH-PERFORMANCE OBLIVIOUS RAM CONTROLLER ON THE CONVEY HC-2EX HETEROGENEOUS COMPUTING PLATFORM

A HIGH-PERFORMANCE OBLIVIOUS RAM CONTROLLER ON THE CONVEY HC-2EX HETEROGENEOUS COMPUTING PLATFORM A HIGH-PERFORMANCE OBLIVIOUS RAM CONTROLLER ON THE CONVEY HC-2EX HETEROGENEOUS COMPUTING PLATFORM BASED ON PHANTOM: PRACTICAL OBLIVIOUS COMPUTATION IN A SECURE PROCESSOR FROM CCS-2013! Martin Maas, Eric

More information

Sanctum: Minimal HW Extensions for Strong SW Isolation

Sanctum: Minimal HW Extensions for Strong SW Isolation CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 7a Sanctum: Minimal HW Extensions for Strong SW Isolation Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical &

More information

SafeBricks: Shielding Network Functions in the Cloud

SafeBricks: Shielding Network Functions in the Cloud SafeBricks: Shielding Network Functions in the Cloud Rishabh Poddar, Chang Lan, Raluca Ada Popa, Sylvia Ratnasamy UC Berkeley Network Functions (NFs) in the cloud Clients 2 Enterprise Destination Network

More information

Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races. CS 563 Young Li 10/31/18

Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races. CS 563 Young Li 10/31/18 Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races CS 563 Young Li 10/31/18 Intel Software Guard extensions (SGX) and Hyper-Threading What is Intel SGX? Set of

More information

Introduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017

Introduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017 Introduction to SGX (Software Guard Extensions) and SGX Virtualization Kai Huang, Jun Nakajima (Speaker) July 12, 2017 1 INTEL RESTRICTED SECRET Agenda SGX Introduction Xen SGX Virtualization Support Backup

More information

Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX

Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX W. Wang, G. Chen, X, Pan, Y. Zhang, XF. Wang, V. Bindschaedler, H. Tang, C. Gunter. September 19, 2017 Motivation Intel

More information

Intel Software Guard Extensions (Intel SGX) Memory Encryption Engine (MEE) Shay Gueron

Intel Software Guard Extensions (Intel SGX) Memory Encryption Engine (MEE) Shay Gueron Real World Cryptography Conference 2016 6-8 January 2016, Stanford, CA, USA Intel Software Guard Extensions (Intel SGX) Memory Encryption Engine (MEE) Shay Gueron Intel Corp., Intel Development Center,

More information

T-SGX: Eradicating Controlled-Channel

T-SGX: Eradicating Controlled-Channel T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs Ming-Wei Shih Sangho Lee Taesoo Kim Marcus Peinado Georgia Institute of Technology Microsoft Research 2 3 Intel SGX aims to secure

More information

Locking Down the Processor via the Rowhammer Attack

Locking Down the Processor via the Rowhammer Attack SGX-BOMB: Locking Down the Processor via the Rowhammer Attack Yeongjin Jang*, Jaehyuk Lee, Sangho Lee, and Taesoo Kim Oregon State University* KAIST Georgia Institute of Technology TL;DR SGX locks up the

More information

CIS 4360 Secure Computer Systems SGX

CIS 4360 Secure Computer Systems SGX CIS 4360 Secure Computer Systems SGX Professor Qiang Zeng Spring 2017 Some slides are stolen from Intel docs Previous Class UEFI Secure Boot Windows s Trusted Boot Intel s Trusted Boot CIS 4360 Secure

More information

SGX Security Background. Masab Ahmad Department of Electrical and Computer Engineering University of Connecticut

SGX Security Background. Masab Ahmad Department of Electrical and Computer Engineering University of Connecticut SGX Security Background Masab Ahmad masab.ahmad@uconn.edu Department of Electrical and Computer Engineering University of Connecticut 1 Security Background Outline Cryptographic Primitives Cryptographic

More information

Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. Yuanzhong Xu, Weidong Cui, Marcus Peinado

Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. Yuanzhong Xu, Weidong Cui, Marcus Peinado : Deterministic Side Channels for Untrusted Operating Systems Yuanzhong Xu, Weidong Cui, Marcus Peinado 2 Goal Protect the data of applications running on remote hardware 3 New tech Trusted Platform Modules

More information

Raccoon: Closing Digital Side-Channels through Obfuscated Execution

Raccoon: Closing Digital Side-Channels through Obfuscated Execution Raccoon: Closing Digital Side-Channels through Obfuscated Execution Ashay Rane, Calvin Lin, Mohit Tiwari The University of Texas at Austin Secure code? Instruction Pointer if (secret_bit == 1) { z = (msg

More information

Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software

Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris Hawblitzel, Bryan Parno* Microsoft Research, Cornell University, Carnegie Mellon

More information

Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data

Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data Tyler Hunt, Zhiting Zhu, Yuanzhong Xu, Simon Peter, and Emmett Witchel University of Texas at Austin OSDI 2016 Presented by John Alsop

More information

Micro-Architectural Attacks and Countermeasures

Micro-Architectural Attacks and Countermeasures Micro-Architectural Attacks and Countermeasures Çetin Kaya Koç koc@cs.ucsb.edu Çetin Kaya Koç http://koclab.org Winter 2017 1 / 25 Contents Micro-Architectural Attacks Cache Attacks Branch Prediction Attack

More information

Ascend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM)

Ascend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM) CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 7b Ascend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM) Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen

More information

The Microkernel Overhead

The Microkernel Overhead The Micro Overhead http://d3s.mff.cuni.cz Martin Děcký decky@d3s.mff.cuni.cz CHARLES UNIVERSITY IN PRAGUE faculty of mathematics and physics Martin Děcký, FOSDEM 2012, 5 th February 2012 The Micro Overhead

More information

GFS: The Google File System

GFS: The Google File System GFS: The Google File System Brad Karp UCL Computer Science CS GZ03 / M030 24 th October 2014 Motivating Application: Google Crawl the whole web Store it all on one big disk Process users searches on one

More information

Searchable Encryption Using ORAM. Benny Pinkas

Searchable Encryption Using ORAM. Benny Pinkas Searchable Encryption Using ORAM Benny Pinkas 1 Desiderata for Searchable Encryption Security No leakage about the query or the results Functionality Variety of queries that are supported Performance 2

More information

RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas

RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas RISCV with Sanctum Enclaves Victor Costan, Ilia Lebedev, Srini Devadas Today, privilege implies trust (1/3) If computing remotely, what is the TCB? Priviledge CPU HW Hypervisor trusted computing base OS

More information

Advanced file systems: LFS and Soft Updates. Ken Birman (based on slides by Ben Atkin)

Advanced file systems: LFS and Soft Updates. Ken Birman (based on slides by Ben Atkin) : LFS and Soft Updates Ken Birman (based on slides by Ben Atkin) Overview of talk Unix Fast File System Log-Structured System Soft Updates Conclusions 2 The Unix Fast File System Berkeley Unix (4.2BSD)

More information

Secure Remote Storage Using Oblivious RAM

Secure Remote Storage Using Oblivious RAM Secure Remote Storage Using Oblivious RAM Giovanni Malloy Mentors: Georgios Kellaris, Kobbi Nissim August 11, 2016 Abstract Oblivious RAM (ORAM) is a protocol that allows a user to access the data she

More information

Intel Software Guard Extensions

Intel Software Guard Extensions Intel Software Guard Extensions Dr. Matthias Hahn, Intel Deutschland GmbH July 12 th 2017 cryptovision Mindshare, Gelsenkirchen Intel SGX Making Headlines Premium Content requiring Intel SGX on PC Intel

More information

DON T CRY OVER SPILLED RECORDS Memory elasticity of data-parallel applications and its application to cluster scheduling

DON T CRY OVER SPILLED RECORDS Memory elasticity of data-parallel applications and its application to cluster scheduling DON T CRY OVER SPILLED RECORDS Memory elasticity of data-parallel applications and its application to cluster scheduling Călin Iorgulescu (EPFL), Florin Dinu (EPFL), Aunn Raza (NUST Pakistan), Wajih Ul

More information

SGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors

SGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors UT DALLAS Erik%Jonsson%School%of%Engineering%&%Computer%Science SGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors Fahad Shaon Murat Kantarcioglu Zhiqiang Lin Latifur Khan

More information

Lecture Secure, Trusted and Trustworthy Computing Introduction to SGX

Lecture Secure, Trusted and Trustworthy Computing Introduction to SGX Lecture Secure, and Trustworthy Computing Introduction to Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt Germany Winter Term 2016/17 Intel Software Guard Extensions

More information

Securing Cloud Computations with Oblivious Primitives from Intel SGX

Securing Cloud Computations with Oblivious Primitives from Intel SGX Securing Cloud Computations with Oblivious Primitives from Intel SGX by Sajin Sasy A thesis presented to the University of Waterloo in fulfillment of the thesis requirement for the degree of Master of

More information

Euro-Par Pisa - Italy

Euro-Par Pisa - Italy Euro-Par 2004 - Pisa - Italy Accelerating farms through ad- distributed scalable object repository Marco Aldinucci, ISTI-CNR, Pisa, Italy Massimo Torquati, CS dept. Uni. Pisa, Italy Outline (Herd of Object

More information

Data Processing on Modern Hardware

Data Processing on Modern Hardware Data Processing on Modern Hardware Jens Teubner, TU Dortmund, DBIS Group jens.teubner@cs.tu-dortmund.de Summer 2014 c Jens Teubner Data Processing on Modern Hardware Summer 2014 1 Part V Execution on Multiple

More information

Emulating Goliath Storage Systems with David

Emulating Goliath Storage Systems with David Emulating Goliath Storage Systems with David Nitin Agrawal, NEC Labs Leo Arulraj, Andrea C. Arpaci-Dusseau, Remzi H. Arpaci-Dusseau ADSL Lab, UW Madison 1 The Storage Researchers Dilemma Innovate Create

More information

GFS: The Google File System. Dr. Yingwu Zhu

GFS: The Google File System. Dr. Yingwu Zhu GFS: The Google File System Dr. Yingwu Zhu Motivating Application: Google Crawl the whole web Store it all on one big disk Process users searches on one big CPU More storage, CPU required than one PC can

More information

ZeroTrace: Oblivious Memory Primitives from Intel SGX

ZeroTrace: Oblivious Memory Primitives from Intel SGX ZeroTrace: Oblivious Memory Primitives from Intel SGX Sajin Sasy University of Waterloo sajin.sasy@gmail.com Sergey Gorbunov University of Waterloo sergey.gorbunov@uwaterloo.ca Christopher W. Fletcher

More information

Leveraging Intel SGX to Create a Nondisclosure Cryptographic library

Leveraging Intel SGX to Create a Nondisclosure Cryptographic library CS 2530 - Computer and Network Security Project presentation Leveraging Intel SGX to Create a Nondisclosure Cryptographic library Mohammad H Mofrad & Spencer L Gray University of Pittsburgh Thursday, December

More information

CSC 5930/9010 Cloud S & P: Virtualization

CSC 5930/9010 Cloud S & P: Virtualization CSC 5930/9010 Cloud S & P: Virtualization Professor Henry Carter Fall 2016 Recap Network traffic can be encrypted at different layers depending on application needs TLS: transport layer IPsec: network

More information

Towards General-Purpose Resource Management in Shared Cloud Services

Towards General-Purpose Resource Management in Shared Cloud Services Towards General-Purpose Resource Management in Shared Cloud Services Jonathan Mace, Brown University Peter Bodik, MSR Redmond Rodrigo Fonseca, Brown University Madanlal Musuvathi, MSR Redmond Shared-tenant

More information

And Then There Were More:

And Then There Were More: David Naylor Carnegie Mellon And Then There Were More: Secure Communication for More Than Two Parties Richard Li University of Utah Christos Gkantsidis Microsoft Research Thomas Karagiannis Microsoft Research

More information

Hardware Enclave Attacks CS261

Hardware Enclave Attacks CS261 Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Service (IAS) Process Enclave Untrusted Trusted Enclave Code Enclave Data Process Process Other Enclave OS and/or Hypervisor

More information

Binding keys to programs using Intel SGX remote attestation

Binding keys to programs using Intel SGX remote attestation Binding keys to programs using Intel SGX remote attestation Mark D. Ryan London Crypto Day 22 September 2017 1 Intel SGX Intel SGX is a set of processor instructions which allow one: To set up an enclave

More information

Roadmap. Handling large amount of data efficiently. Stable storage. Parallel dataflow. External memory algorithms and data structures

Roadmap. Handling large amount of data efficiently. Stable storage. Parallel dataflow. External memory algorithms and data structures Roadmap Handling large amount of data efficiently Stable storage External memory algorithms and data structures Implementing relational operators Parallel dataflow Algorithms for MapReduce Implementing

More information

CSE 153 Design of Operating Systems

CSE 153 Design of Operating Systems CSE 153 Design of Operating Systems Winter 2018 Lecture 22: File system optimizations and advanced topics There s more to filesystems J Standard Performance improvement techniques Alternative important

More information

Oracle Performance on M5000 with F20 Flash Cache. Benchmark Report September 2011

Oracle Performance on M5000 with F20 Flash Cache. Benchmark Report September 2011 Oracle Performance on M5000 with F20 Flash Cache Benchmark Report September 2011 Contents 1 About Benchware 2 Flash Cache Technology 3 Storage Performance Tests 4 Conclusion copyright 2011 by benchware.ch

More information

Extended Page Tables (EPT) A VMM must protect host physical memory Multiple guest operating systems share the same host physical memory VMM typically implements protections through page-table shadowing

More information

Securing Cloud-assisted Services

Securing Cloud-assisted Services Securing Cloud-assisted Services N. Asokan http://asokan.org/asokan/ @nasokan Services are moving to the cloud http://dilbert.com/strip/2012-05-25 2 Services are moving to the cloud Example: cloud-based

More information

Beetle. Sharing, flexibility and access control for Bluetooth Low Energy. Amit Levy James Hong Laurynas Riliskis Philip Levis Keith Winstein

Beetle. Sharing, flexibility and access control for Bluetooth Low Energy. Amit Levy James Hong Laurynas Riliskis Philip Levis Keith Winstein Beetle Sharing, flexibility and access control for Bluetooth Low Energy Amit Levy James Hong Laurynas Riliskis Philip Levis Keith Winstein Stanford University June 24, 2016 1 / 26 Meet Grace 2 / 26 Meet

More information

INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD

INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD OVERVIEW Fundamental

More information

Rethink the Sync 황인중, 강윤지, 곽현호. Embedded Software Lab. Embedded Software Lab.

Rethink the Sync 황인중, 강윤지, 곽현호. Embedded Software Lab. Embedded Software Lab. 1 Rethink the Sync 황인중, 강윤지, 곽현호 Authors 2 USENIX Symposium on Operating System Design and Implementation (OSDI 06) System Structure Overview 3 User Level Application Layer Kernel Level Virtual File System

More information

Inject malicious code Call any library functions Modify the original code

Inject malicious code Call any library functions Modify the original code Inject malicious code Call any library functions Modify the original code 2 Sadeghi, Davi TU Darmstadt 2012 Secure, Trusted, and Trustworthy Computing Chapter 6: Runtime Attacks 2 3 Sadeghi, Davi TU Darmstadt

More information

Crypto Background & Concepts SGX Software Attestation

Crypto Background & Concepts SGX Software Attestation CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 4b Slide deck extracted from Kamran s tutorial on SGX, presented during ECE 6095 Spring 2017 on Secure Computation and Storage, a precursor to this course

More information

Using Transparent Compression to Improve SSD-based I/O Caches

Using Transparent Compression to Improve SSD-based I/O Caches Using Transparent Compression to Improve SSD-based I/O Caches Thanos Makatos, Yannis Klonatos, Manolis Marazakis, Michail D. Flouris, and Angelos Bilas {mcatos,klonatos,maraz,flouris,bilas}@ics.forth.gr

More information

from circuits to RAM programs in malicious-2pc

from circuits to RAM programs in malicious-2pc from circuits to RAM programs in malicious-2pc Abstract: Secure 2-party computation (2PC) is becoming practical in some domains However, most approaches are limited by the fact that the desired functionality

More information

IBM B2B INTEGRATOR BENCHMARKING IN THE SOFTLAYER ENVIRONMENT

IBM B2B INTEGRATOR BENCHMARKING IN THE SOFTLAYER ENVIRONMENT IBM B2B INTEGRATOR BENCHMARKING IN THE SOFTLAYER ENVIRONMENT 215-4-14 Authors: Deep Chatterji (dchatter@us.ibm.com) Steve McDuff (mcduffs@ca.ibm.com) CONTENTS Disclaimer...3 Pushing the limits of B2B Integrator...4

More information

System-centric Solutions to

System-centric Solutions to System-centric Solutions to Micro-architectural and System-level Side Channels Yinqian Zhang, Ph.D. The Ohio State University Micro-architectural and System-level Side Channels Micro-architectural side

More information

Gone, But Not Forgotten: The Current State of Private Computing

Gone, But Not Forgotten: The Current State of Private Computing Gone, But Not Forgotten: The Current State of Private Computing Aseem Rastogi Jun Yuan Rob Johnson University of Maryland, College Park Stony Brook University Web browser private mode Web browser private

More information

EECS 482 Introduction to Operating Systems

EECS 482 Introduction to Operating Systems EECS 482 Introduction to Operating Systems Winter 2018 Baris Kasikci Slides by: Harsha V. Madhyastha OS Abstractions Applications Threads File system Virtual memory Operating System Next few lectures:

More information

OPENSTACK: THE OPEN CLOUD

OPENSTACK: THE OPEN CLOUD OPENSTACK: THE OPEN CLOUD Anuj Sehgal (s.anuj@jacobs-university.de) AIMS 2012 Labs 04 June 2012 1 Outline What is the cloud? Background Architecture OpenStack Nova OpenStack Glance 2 What is the Cloud?

More information

Maru: Hardware-Assisted Secure Cloud Computing

Maru: Hardware-Assisted Secure Cloud Computing Maru: Hardware-Assisted Secure Coud Computing Peter Pietzuch prp@imperia.ac.uk Large-Scae Distributed Systems Group Department of Computing, Imperia Coege London Peter R. Pietzuch http://sds.doc.ic.ac.uk

More information

Software Solutions to Micro-architectural Side Channels. Yinqian Zhang Assistant Professor Computer Science & Engineering The Ohio State University

Software Solutions to Micro-architectural Side Channels. Yinqian Zhang Assistant Professor Computer Science & Engineering The Ohio State University Software Solutions to Micro-architectural Side Channels Yinqian Zhang Assistant Professor Computer Science & Engineering The Ohio State University Introduction Research interests Computer system security

More information

Outline 1 Motivation 2 Theory of a non-blocking benchmark 3 The benchmark and results 4 Future work

Outline 1 Motivation 2 Theory of a non-blocking benchmark 3 The benchmark and results 4 Future work Using Non-blocking Operations in HPC to Reduce Execution Times David Buettner, Julian Kunkel, Thomas Ludwig Euro PVM/MPI September 8th, 2009 Outline 1 Motivation 2 Theory of a non-blocking benchmark 3

More information

Resource Containers. A new facility for resource management in server systems. Presented by Uday Ananth. G. Banga, P. Druschel, J. C.

Resource Containers. A new facility for resource management in server systems. Presented by Uday Ananth. G. Banga, P. Druschel, J. C. Resource Containers A new facility for resource management in server systems G. Banga, P. Druschel, J. C. Mogul OSDI 1999 Presented by Uday Ananth Lessons in history.. Web servers have become predominantly

More information

CLASS AGENDA. 9:00 9:15 a.m. 9:15 10:00 a.m. 10:00 12:00 p.m. 12:00 1:00 p.m. 1:00 3:00 p.m. 3:00 5:00 p.m.

CLASS AGENDA. 9:00 9:15 a.m. 9:15 10:00 a.m. 10:00 12:00 p.m. 12:00 1:00 p.m. 1:00 3:00 p.m. 3:00 5:00 p.m. CLASS AGENDA INTEL SGX OVERVIEW... DEVELOPER TOOLKIT... DEVELOPING FOR INTEL SGX... BREAK FOR LUNCH... PROVISIONING SECRETS... DATA SEALING...... 9:00 9:15 a.m. 9:15 10:00 a.m. 10:00 12:00 p.m. 12:00 1:00

More information

Can randomized mapping secure instruction caches from side-channel attacks?

Can randomized mapping secure instruction caches from side-channel attacks? Can randomized mapping secure instruction caches from side-channel attacks? Fangfei Liu, Hao Wu and Ruby B. Lee Princeton University June 14, 2015 Outline Motivation and Background Data cache attacks and

More information

GPUfs: Integrating a file system with GPUs

GPUfs: Integrating a file system with GPUs GPUfs: Integrating a file system with GPUs Mark Silberstein (UT Austin/Technion) Bryan Ford (Yale), Idit Keidar (Technion) Emmett Witchel (UT Austin) 1 Traditional System Architecture Applications OS CPU

More information

Dynamic Metadata Management for Petabyte-scale File Systems

Dynamic Metadata Management for Petabyte-scale File Systems Dynamic Metadata Management for Petabyte-scale File Systems Sage Weil Kristal T. Pollack, Scott A. Brandt, Ethan L. Miller UC Santa Cruz November 1, 2006 Presented by Jae Geuk, Kim System Overview Petabytes

More information

HDFI: Hardware-Assisted Data-flow Isolation

HDFI: Hardware-Assisted Data-flow Isolation HDFI: Hardware-Assisted Data-flow Isolation Presented by Ben Schreiber Chengyu Song 1, Hyungon Moon 2, Monjur Alam 1, Insu Yun 1, Byoungyoung Lee 1, Taesoo Kim 1, Wenke Lee 1, Yunheung Paek 2 1 Georgia

More information

The Security Challenges & Issues From SGX Practice

The Security Challenges & Issues From SGX Practice The Security Challenges & Issues From SGX Practice Xiaoning Li Chief Security Architect Alibaba Cloud 为了无法计算的价值 Agenda Secure Computing Introduction Intel SGX Applications and Challenges Secure Computing

More information

Recovering Disk Storage Metrics from low level Trace events

Recovering Disk Storage Metrics from low level Trace events Recovering Disk Storage Metrics from low level Trace events Progress Report Meeting May 05, 2016 Houssem Daoud Michel Dagenais École Polytechnique de Montréal Laboratoire DORSAL Agenda Introduction and

More information

Protecting Private Data in the Cloud: A Path Oblivious RAM Protocol

Protecting Private Data in the Cloud: A Path Oblivious RAM Protocol Protecting Private Data in the Cloud: A Path Oblivious RAM Protocol Nathan Wolfe and Ethan Zou Mentors: Ling Ren and Xiangyao Yu Fourth Annual MIT PRIMES Conference May 18, 2014 Outline 1. Background 2.

More information

From bottom to top: Exploiting hardware side channels in web browsers

From bottom to top: Exploiting hardware side channels in web browsers From bottom to top: Exploiting hardware side channels in web browsers Clémentine Maurice, Graz University of Technology July 4, 2017 RMLL, Saint-Étienne, France Rennes Graz Clémentine Maurice PhD since

More information

jvpfs: Adding Robustness to a Secure Stacked File System with Untrusted Local Storage Components

jvpfs: Adding Robustness to a Secure Stacked File System with Untrusted Local Storage Components Department of Computer Science Institute of Systems Architecture, Operating Systems Group : Adding Robustness to a Secure Stacked File System with Untrusted Local Storage Components Carsten Weinhold, ermann

More information

Iron: Functional encryption using Intel SGX

Iron: Functional encryption using Intel SGX Iron: Functional encryption using Intel SGX Sergey Gorbunov University of Waterloo Joint work with Ben Fisch, Dhinakaran Vinayagamurthy, Dan Boneh. Motivation DNA_A DB = Database of DNA sequences DNA_B

More information

0x1A Great Papers in Computer Security

0x1A Great Papers in Computer Security CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ slide 1 X. Chen, T, Garfinkel, E. Lewis, P. Subrahmanyam, C. Waldspurger, D. Boneh, J. Dwoskin,

More information

The Efficient Server Audit Problem, Deduplicated Re-execution, and the Web

The Efficient Server Audit Problem, Deduplicated Re-execution, and the Web The Efficient Server Audit Problem, Deduplicated Re-execution, and the Web Cheng Tan, Lingfan Yu, Joshua B. Leners*, and Michael Walfish NYU Department of Computer Science, Courant Institute *Two Sigma

More information

416 Distributed Systems. Distributed File Systems 1: NFS Sep 18, 2018

416 Distributed Systems. Distributed File Systems 1: NFS Sep 18, 2018 416 Distributed Systems Distributed File Systems 1: NFS Sep 18, 2018 1 Outline Why Distributed File Systems? Basic mechanisms for building DFSs Using NFS and AFS as examples NFS: network file system AFS:

More information

Avanan for G Suite. Technical Overview. Copyright 2017 Avanan. All rights reserved.

Avanan for G Suite. Technical Overview. Copyright 2017 Avanan. All rights reserved. Avanan for G Suite Technical Overview Contents Intro 1 How Avanan Works 2 Email Security for Gmail 3 Data Security for Google Drive 4 Policy Automation 5 Workflows and Notifications 6 Authentication 7

More information

Virtual Machine Virtual Machine Types System Virtual Machine: virtualize a machine Container: virtualize an OS Program Virtual Machine: virtualize a process Language Virtual Machine: virtualize a language

More information

Usable PIR. Network Security and Applied. Cryptography Laboratory.

Usable PIR. Network Security and Applied. Cryptography Laboratory. Network Security and Applied Cryptography Laboratory http://crypto.cs.stonybrook.edu Usable PIR NDSS '08, San Diego, CA Peter Williams petertw@cs.stonybrook.edu Radu Sion sion@cs.stonybrook.edu ver. 2.1

More information

Qualifying exam: operating systems, 1/6/2014

Qualifying exam: operating systems, 1/6/2014 Qualifying exam: operating systems, 1/6/2014 Your name please: Part 1. Fun with forks (a) What is the output generated by this program? In fact the output is not uniquely defined, i.e., it is not always

More information

SUPER CLOUD STORAGE MEASUREMENT STUDY AND OPTIMIZATION

SUPER CLOUD STORAGE MEASUREMENT STUDY AND OPTIMIZATION CS5413: HIGH PERFORMANCE SYSTEMS AND NETWORKING SUPER CLOUD STORAGE MEASUREMENT STUDY AND OPTIMIZATION December 23, 2014 Sneha Prasad (sh824@cornell.edu) Lu Yang (ly77@cornell.edu) Contents 1 Introduction....................................

More information

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh Dinh, Ee-Chien Chang, Beng Chin Ooi School of Computing National University of Singapore The Problem Context:

More information

The Ascend Secure Processor. Christopher Fletcher MIT

The Ascend Secure Processor. Christopher Fletcher MIT The Ascend Secure Processor Christopher Fletcher MIT 1 Joint work with Srini Devadas, Marten van Dijk Ling Ren, Albert Kwon, Xiangyao Yu Elaine Shi & Emil Stefanov David Wentzlaff & Princeton Team (Mike,

More information

Distributed caching for cloud computing

Distributed caching for cloud computing Distributed caching for cloud computing Maxime Lorrillere, Julien Sopena, Sébastien Monnet et Pierre Sens February 11, 2013 Maxime Lorrillere (LIP6/UPMC/CNRS) February 11, 2013 1 / 16 Introduction Context

More information

Disclaimer. This talk vastly over-simplifies things. See notes for full details and resources.

Disclaimer. This talk vastly over-simplifies things. See notes for full details and resources. Greg Kroah-Hartman Disclaimer This talk vastly over-simplifies things. See notes for full details and resources. https://github.com/gregkh/presentation-spectre Spectre Hardware bugs Valid code can be tricked

More information

Intel Security Dev API 1.0 Production Release

Intel Security Dev API 1.0 Production Release 1.0 Production Release Release Notes 24 August 2017 Version History/Revision History Date Revision Description August 2017 1.0 Limited Production Release March 2017 0.61 Limited External Distribution Intended

More information

Background: I/O Concurrency

Background: I/O Concurrency Background: I/O Concurrency Brad Karp UCL Computer Science CS GZ03 / M030 5 th October 2011 Outline Worse Is Better and Distributed Systems Problem: Naïve single-process server leaves system resources

More information

Lessons learned implementing a multithreaded SMB2 server in OneFS

Lessons learned implementing a multithreaded SMB2 server in OneFS Lessons learned implementing a multithreaded SMB2 server in OneFS Aravind Velamur Srinivasan Isilon Systems, Inc 2011 Storage Developer Conference. Insert Your Company Name. All Rights Reserved. Outline

More information

4. Jump to *RA 4. StackGuard 5. Execute code 5. Instruction Set Randomization 6. Make system call 6. System call Randomization

4. Jump to *RA 4. StackGuard 5. Execute code 5. Instruction Set Randomization 6. Make system call 6. System call Randomization 04/04/06 Lecture Notes Untrusted Beili Wang Stages of Static Overflow Solution 1. Find bug in 1. Static Analysis 2. Send overflowing input 2. CCured 3. Overwrite return address 3. Address Space Randomization

More information

Status Update About COLO (COLO: COarse-grain LOck-stepping Virtual Machines for Non-stop Service)

Status Update About COLO (COLO: COarse-grain LOck-stepping Virtual Machines for Non-stop Service) Status Update About COLO (COLO: COarse-grain LOck-stepping Virtual Machines for Non-stop Service) eddie.dong@intel.com arei.gonglei@huawei.com yanghy@cn.fujitsu.com Agenda Background Introduction Of COLO

More information

Distributed Systems. The main method of distributed object communication is with remote method invocation

Distributed Systems. The main method of distributed object communication is with remote method invocation Distributed Systems Unit III Syllabus:Distributed Objects and Remote Invocation: Introduction, Communication between Distributed Objects- Object Model, Distributed Object Modal, Design Issues for RMI,

More information

Azure Sphere: Fitting Linux Security in 4 MiB of RAM. Ryan Fairfax Principal Software Engineering Lead Microsoft

Azure Sphere: Fitting Linux Security in 4 MiB of RAM. Ryan Fairfax Principal Software Engineering Lead Microsoft Azure Sphere: Fitting Linux Security in 4 MiB of RAM Ryan Fairfax Principal Software Engineering Lead Microsoft Agenda o o o o Intro to Azure Sphere Kernel Customizations User mode services / App Model

More information

Town Crier. Authenticated Data Feeds For Smart Contracts. CS5437 Lecture by Kyle Croman and Fan Zhang Mar 18, 2016

Town Crier. Authenticated Data Feeds For Smart Contracts. CS5437 Lecture by Kyle Croman and Fan Zhang Mar 18, 2016 Town Crier Authenticated Data Feeds For Smart Contracts CS5437 Lecture by Kyle Croman and Fan Zhang Mar 18, 2016 Smart Contract Decentralized App: Programs are executed by all miners who reach consensus

More information

Oracle Platform Performance Baseline Oracle 12c on Hitachi VSP G1000. Benchmark Report December 2014

Oracle Platform Performance Baseline Oracle 12c on Hitachi VSP G1000. Benchmark Report December 2014 Oracle Platform Performance Baseline Oracle 12c on Hitachi VSP G1000 Benchmark Report December 2014 Contents 1 System Configuration 2 Introduction into Oracle Platform Performance Tests 3 Storage Benchmark

More information