Styx

Stephen, Julian James; Savvides, Savvas; Sundaram, Vinaitheerthan; Ardekani, Masoud Saeida; Eugster, Patrick

doi:10.1145/2987550.2987574

Cited by 18 publications

(3 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We plan in our future work to further extend and thoroughly evaluate S S against other known approaches on secure stream processing, like S [45], MrCrypt [47] or DEFC [38]. In particular, we plan to extend S S with full automation of container deployments, as well as enriching the framework with a library of standard stream processing operators and e cient yet secure native plugins, to ease the development of complex stream processing pipelines.…”

Section: Resultsmentioning

confidence: 99%

“…S S avoids of complex encryption schemes, decrypts data entering enclaves and processes in plaintext. e S [45] system uses partial homorphic encryption to allow for e cient stream processing in trusted cloud environments. Interestingly, the authors of that system mention Intel® SGX as possible alternative to deploy stream processing systems on trusted hardware o ered by untrusted/malicious cloud environments.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

SecureStreams

Havet

Pires

Felber

et al. 2017

Proceedings of the 11th ACM International Conference on Distributed and Event-Based Systems

View full text Add to dashboard Cite

e growing adoption of distributed data processing frameworks in a wide diversity of application domains challenges end-to-end integration of properties like security, in particular when considering deployments in the context of large-scale clusters or multi-tenant Cloud infrastructures.is paper therefore introduces S S , a reactive middleware framework to deploy and process secure streams at scale. Its design combines the high-level reactive data ow programming paradigm with Intel®'s low-level so ware guard extensions (SGX) in order to guarantee privacy and integrity of the processed data. e experimental results of S S are promising: while o ering a uent scripting language based on L , our middleware delivers high processing throughput, thus enabling developers to implement secure processing pipelines in just few lines of code.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

SecureStreams

Havet

Pires

Felber

et al. 2017

Proceedings of the 11th ACM International Conference on Distributed and Event-Based Systems

View full text Add to dashboard Cite

show abstract

“…Some proposals rely on a hybrid model with trusted and untrusted infrastructures, where critical processing is done in private clouds. Under this model, Styx [118] uses partial homomorphic encryption and show overheads of 25 % in comparison to Apache Storm. However, they cannot guarantee data integrity.…”

Section: Stream Processingmentioning

confidence: 99%

Distributed systems and trusted execution environments : trade-offs and challenges

Pires¹

View full text Add to dashboard Cite

Security and privacy concerns in computer systems have grown in importance with the ubiquity of connected devices. Additionally, cloud computing boosts such distress as private data is stored and processed in multi-tenant infrastructure providers. In recent years, trusted execution environments (TEEs) have caught the attention of scientific and industry communities as they became largely available in user-and server-class machines. TEEs provide security guarantees based on cryptographic constructs built in hardware. Since silicon chips are difficult to probe or reverse engineer, they can offer stronger protection against remote or even physical attacks when compared to their software counterparts. Intel software guard extensions (SGX), in particular, implements powerful mechanisms that can shield sensitive data even from privileged users with full control of system software. Designing secure distributed systems is a notably daunting task, since they involve many coordinated processes running in geographically-distant nodes, therefore having numerous points of attack. In this work, we essentially explore some of these challenges by using Intel SGX as a crucial tool. We do so by designing and experimentally evaluating several elementary systems ranging from communication and processing middleware to a peer-to-peer privacy-preserving solution. We start with support systems that naturally fit cloud deployment scenarios, namely content-based routing, batching and stream processing frameworks. Our communication middleware protects the most critical stage of matching subscriptions against publications inside secure enclaves and achieves substantial performance gains in comparison to traditional software-based equivalents. The processing platforms, in turn, receive encrypted data and code to be executed within the trusted environment. Our prototypes are then used to analyse the manifested memory usage issues intrinsic to SGX. Next, we aim at protecting very sensitive data: cryptographic keys. By leveraging TEEs, we design protocols for group data sharing that have lower computational complexity than legacy methods. As a bonus, our proposals allow large savings on metadata volume and processing time of cryptographic operations, all with equivalent security guarantees. Finally, we focus our attention on privacy-preserving systems. After all, users cannot modify some existing systems like web-search engines, and the providers of these services may keep individual profiles containing sensitive private information about them. We aim at achieving indistinguishability and unlinkability properties by employing techniques like sensitivity analysis, query obfuscation and leveraging relay nodes. Our evaluation shows that we propose the most robust system in comparison to existing solutions with regard to user re-identification rates and results' accuracy in a scalable way. All in all, this thesis proposes new mechanisms that take advantage of TEEs for distributed system architectures. We show through an empirical approach on top of...

show abstract