9 research outputs found
A Holistic Approach for Trustworthy Distributed Systems with WebAssembly and TEEs
Publish/subscribe systems play a key role in enabling communication between
numerous devices in distributed and large-scale architectures. While widely
adopted, securing such systems often trades portability for additional
integrity and attestation guarantees. Trusted Execution Environments (TEEs)
offer a potential solution with enclaves to enhance security and trust.
However, application development for TEEs is complex, and many existing
solutions are tied to specific TEE architectures, limiting adaptability.
Current communication protocols also inadequately manage attestation proofs or
expose essential attestation information. This paper introduces a novel
approach using WebAssembly to address these issues, a key enabling technology
nowadays capturing academia and industry attention. We present the design of a
portable and fully attested publish/subscribe middleware system as a holistic
approach for trustworthy and distributed communication between various systems.
Based on this proposal, we have implemented and evaluated in-depth a
fully-fledged publish/subscribe broker running within Intel SGX, compiled in
WebAssembly, and built on top of industry-battled frameworks and standards,
i.e., MQTT and TLS protocols. Our extended TLS protocol preserves the privacy
of attestation information, among other benefits. Our experimental results
showcase modest overheads, revealing a 1.55x decrease in message throughput when
using a trusted broker. We open-source the contributions of this work to the
research community to facilitate experimental reproducibility.

Comment: This publication incorporates results from the VEDLIoT project, which
received funding from the European Union's Horizon 2020 research and
innovation programme under grant agreement No 95719
FOUGERE: User-Centric Location Privacy in Mobile Crowdsourcing Apps
Mobile crowdsourcing is being increasingly used by industrial and research communities to build realistic datasets. By leveraging the capabilities of mobile devices, mobile crowdsourcing apps can be used to track participants' activity and to collect insightful reports from the environment (e.g., air quality, network quality). However, most existing crowdsourced datasets systematically tag data samples with time and location stamps, which may inevitably lead to user privacy leaks by discarding sensitive information. This paper addresses this critical limitation of the state of the art by proposing a software library that improves user privacy without compromising the overall quality of the crowdsourced datasets. We propose a decentralized approach, named Fougere, to convey data samples from user devices to third-party servers. By introducing an a priori data anonymization process, we show that Fougere defeats state-of-the-art location-based privacy attacks with little impact on the quality of crowdsourced datasets.
Epidemic Learning: Boosting Decentralized Learning with Randomized Communication
We present Epidemic Learning (EL), a simple yet powerful decentralized
learning (DL) algorithm that leverages changing communication topologies to
achieve faster model convergence compared to conventional DL approaches. At
each round of EL, each node sends its model updates to a random sample of
other nodes (in a system of nodes). We provide an extensive theoretical
analysis of EL, demonstrating that its changing topology culminates in superior
convergence properties compared to the state-of-the-art (static and dynamic)
topologies. Considering smooth non-convex loss functions, the number of
transient iterations for EL, i.e., the rounds required to achieve asymptotic
linear speedup, is in which outperforms the best-known bound
by a factor of , indicating the benefit of randomized
communication for DL. We empirically evaluate EL in a 96-node network and
compare its performance with state-of-the-art DL approaches. Our results
illustrate that EL converges up to quicker than baseline DL
algorithms and attains \% higher accuracy for the same communication
volume.

Comment: Accepted paper at NeurIPS 202
Approaches to Conflict-free Replicated Data Types
Conflict-free Replicated Data Types (CRDTs) allow optimistic replication in a
principled way. Different replicas can proceed independently, being available
even under network partitions, and always converging deterministically:
replicas that have received the same updates will have equivalent state, even
if received in different orders. After a historical tour of the evolution from
sequential data types to CRDTs, we present in detail the two main approaches to
CRDTs, operation-based and state-based, including two important variations, the
pure operation-based and the delta-state based. Intended as a tutorial for
prospective CRDT researchers and designers, it provides solid coverage of the
essential concepts, clarifying some misconceptions which frequently occur, but
also presents some novel insights gained from considerable experience in
designing both specific CRDTs and approaches to CRDTs.

Comment: 36 page
ECROs: Building global scale systems from sequential code
Funding Information: We would like to thank Matteo Marra, Jim Bauwens, and the anonymous reviewers for their comments which helped improve the paper. Kevin De Porre is funded by an SB Fellowship of the Research Foundation - Flanders. Project number: 1S98519N. This work was partially supported by Fundação para a Ciência e a Tecnologia - Portugal (FCT/MCTES) under grants UIDB/04516/2020, PTDC/CCI-INF/32081/2017, and LISBOA-01-0145-FEDER-032662/PTDC/CCI-INF/32662/2017.

To ease the development of geo-distributed applications, replicated data types (RDTs) offer a familiar programming interface while ensuring state convergence, low latency, and high availability. However, RDTs are still designed exclusively by experts using ad-hoc solutions that are error-prone and result in brittle systems. Recent works statically detect conflicting operations on existing data types and coordinate those at runtime to guarantee convergence and preserve application invariants. However, these approaches are too conservative, imposing coordination on a large number of operations. In this work, we propose a principled approach to design and implement efficient RDTs taking into account application invariants. Developers extend sequential data types with a distributed specification, which together form an RDT. We statically analyze the specification to detect conflicts and unravel their cause. This information is then used at runtime to serialize concurrent operations safely and efficiently. Our approach derives a correct RDT from any sequential data type without changes to the data type's implementation and with minimal coordination. We implement our approach in Scala and develop an extensive portfolio of RDTs. The evaluation shows that our approach provides performance similar to conflict-free replicated data types for commutative operations, and considerably improves the performance of non-commutative operations, compared to existing solutions.
Publications 1998
This publication comprises the monographs published by the Institutions of the Communit
Distributed Applications and Interoperable Systems: 19th IFIP WG 6.1 International Conference, DAIS 2019, Held as Part of the 14th International Federated Conference on Distributed Computing Techniques, DisCoTec 2019, Kongens Lyngby, Denmark, June 17–21, 2019, Proceedings
Book Front Matter of LNCS 1153