Secure Integration of Desktop Grids and Compute Clusters Based on Virtualization and Meta-Scheduling

Reducing the cost for business or scientific computations, is a commonly expressed goal in today’s companies. Using the available computers of local employees or the outsourcing of such computations are two obvious solutions to save money for additional hardware. Both possibilities exhibit security related disadvantages, since the deployed software and data can be copied or tampered if appropriate countermeasures are not taken. In this paper, an approach is presented to let a local desktop machines and remote cluster resources be securely combined into a singel Grid environment. Solutions to several problems in the areas of secure virtual networks, meta-scheduling and accessing cluster schedulers from desktop Grids are proposed

Edgar: Offloading Function Execution to the Ultimate Edge: Technical Report

Web applications are on the rise and rapidly evolve into mature replacements for their native counterparts. This trend is mainly driven by the attainment of platform-independence and instant deployability. While web applications are getting more and more complex, scalability and responsiveness remain key challenges that are addressed by rather costly approaches such as cloud computing. In this paper, we present Edgar, a novel middleware for web applications that enables client-side execution of code usually requiring server-side deployment due to missing trust in clients. Following the paradigm of Function-as-a-Service, applications consist of functions that can be distributed to browsers. Other nearby browsers can discover these functions and then directly invoke them on a peer-to-peer basis. Thus, client-side resources are used to provision the web application, which generates lower costs for service providers. Offering premium services such as liberation from ads can be used to incentivise users to provide their resources. In case of resource shortage or unresponsive clients, execution falls back to a cloud-based infrastructure. Edgar combines WebAssembly for executing workloads written in different languages at near-native speed, WebRTC for browser-to-browser communication and Intel SGX to establish trust in other browser’s computations.We evaluate Edgar by implementing a digital assistant as well as a recommendation system. Our evaluation shows that Edgar generates lower costs than traditional deployments, scales linearly with increasing client numbers and manages unresponsive clients well

Distributed public key based computing: The super virtual computer

A problem with modern computing architecture is allocation of resources. When distributed systems are scaled, the workload is rarely shared amongst nodes efficiently. At an organizational level, there are even more allocation issues; workstations are typically oversized and underutilized. The extra capacity of these workstations could be utilized to assist servers with computing tasks. The underutilized resources can be redistributed towards server tasks in order to solve the modern problems of under sizing, redundancy and scalability. My approach to this problem is to use a combination of modern methodologies and technologies to reallocate unused resources towards collaborative computing efforts. To do this, we can combine any number of devices into a resource pool to be used by those who need additional computing resources. To achieve this, I used a compiled language that reaches many platforms. My solution uses public key infrastructure to validate nodes and their computation results. To perform the computing, I used a cloud-first approach based on the FaaS model. Using these nodes in a distributed architecture, the computing can be allocated more effectively with built-in redundancy and scalability. This technology can ease computational shortcomings and reduce capital expenditures in organizations

Privacy-Friendly Collaboration for Cyber Threat Mitigation

Sharing of security data across organizational boundaries has often been advocated as a promising way to enhance cyber threat mitigation. However, collaborative security faces a number of important challenges, including privacy, trust, and liability concerns with the potential disclosure of sensitive data. In this paper, we focus on data sharing for predictive blacklisting, i.e., forecasting attack sources based on past attack information. We propose a novel privacy-enhanced data sharing approach in which organizations estimate collaboration benefits without disclosing their datasets, organize into coalitions of allied organizations, and securely share data within these coalitions. We study how different partner selection strategies affect prediction accuracy by experimenting on a real-world dataset of 2 billion IP addresses and observe up to a 105% prediction improvement.Comment: This paper has been withdrawn as it has been superseded by arXiv:1502.0533