TY - GEN
T1 - SPEED
T2 - 39th IEEE International Conference on Distributed Computing Systems, ICDCS 2019
AU - Cui, Helei
AU - Duan, Huayi
AU - Qin, Zhan
AU - Wang, Cong
AU - Zhou, Yajin
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/7
Y1 - 2019/7
N2 - The emerging hardware-assisted security technologies facilitate the deployment of secure and trustworthy applications in today's cloud computing infrastructure. Despite promising, the advantages appear to diminish due to limited resources of trusted execution environments and ever-increasing workload to be processed inside. Different from existing task-specific and system-level optimizations, our key observation is that those redundant computations occur commonly among several applications when handling the same input data. In light of this, we propose SPEED, a secure and generic computation deduplication system in the context of Intel SGX. It allows SGX-enabled applications to identify redundant computations and reuse computation results, while protecting the confidentiality and integrity of code, inputs, and results. To maximize the benefit of computation deduplication, we design a cross-application deduplication scheme, empowering multiple applications to securely utilize the shared results as long as they perform identical computations. To ease the use of SPEED, we implement a fully functional prototype and provide a concise and expressive API for developers to deduplicate rich computations with minimal effort, as few as 2 lines of code per function call. Extensive evaluations of four popular applications demonstrate that SPEED improves performance by up to 400 times. The source code is available on GitHub for public use.
AB - The emerging hardware-assisted security technologies facilitate the deployment of secure and trustworthy applications in today's cloud computing infrastructure. Despite promising, the advantages appear to diminish due to limited resources of trusted execution environments and ever-increasing workload to be processed inside. Different from existing task-specific and system-level optimizations, our key observation is that those redundant computations occur commonly among several applications when handling the same input data. In light of this, we propose SPEED, a secure and generic computation deduplication system in the context of Intel SGX. It allows SGX-enabled applications to identify redundant computations and reuse computation results, while protecting the confidentiality and integrity of code, inputs, and results. To maximize the benefit of computation deduplication, we design a cross-application deduplication scheme, empowering multiple applications to securely utilize the shared results as long as they perform identical computations. To ease the use of SPEED, we implement a fully functional prototype and provide a concise and expressive API for developers to deduplicate rich computations with minimal effort, as few as 2 lines of code per function call. Extensive evaluations of four popular applications demonstrate that SPEED improves performance by up to 400 times. The source code is available on GitHub for public use.
KW - Computation Deduplication
KW - Hardware-Assisted Security
KW - Message-Locked Encryption
UR - http://www.scopus.com/inward/record.url?scp=85074849677&partnerID=8YFLogxK
U2 - 10.1109/ICDCS.2019.00110
DO - 10.1109/ICDCS.2019.00110
M3 - 会议稿件
AN - SCOPUS:85074849677
T3 - Proceedings - International Conference on Distributed Computing Systems
SP - 1072
EP - 1082
BT - Proceedings - 2019 39th IEEE International Conference on Distributed Computing Systems, ICDCS 2019
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 7 July 2019 through 9 July 2019
ER -