ABSTRACT
A consolidated trend in designing cloud-based applications is to use a reactive microservice architecture, which allows an application to be divided into several well-partitioned software units with specific responsibilities. Such an architecture perfectly fits cloud environments, ensuring a number of advantages (i.e., high availability and scalability, ease of deployment and development). However, this new way of designing cloud applications introduces challenging security threats. Besides the difficulty of monitoring the security of the overall distributed application, an important concern is the risk of breaking the chain of trust established among the different microservices belonging to the application. That is, a single compromised microservice may bring down the other related ones.
In this paper, we present the approach pursued in the context of the SERECA project to secure microservice-based applications. We leveraged the new extension of Intel's CPU, namely Software Guard eXtension (SGX), to enhance the security of applications using Eclipse Vert.x, the tool-kit for building reactive cloud applications. We developed an infrastructure composed of several SGX-enabled facilities (e.g., Database, Containers, Coordination Services) to support the integration of Intel SGX with microservice applications. Our platform was then validated through two use cases that made use of the developed secure facilities, i.e., a Critical Infrastructure (CI) monitoring application, which has strong requirements in terms of data integrity, and an application for performance analysis of cloud-based services, where the confidentiality of data is of main interest.