SGXIO: Generic Trusted I/O Path for Intel SGX
Application security traditionally strongly relies upon security of the
underlying operating system. However, operating systems often fall victim to
software attacks, compromising security of applications as well. To overcome
this dependency, Intel introduced SGX, which allows protecting application code
against a subverted or malicious OS by running it in a hardware-protected
enclave. However, SGX lacks support for generic trusted I/O paths to protect
user input and output between enclaves and I/O devices.
This work presents SGXIO, a generic trusted path architecture for SGX,
allowing user applications to run securely on top of an untrusted OS, while at
the same time supporting trusted paths to generic I/O devices. To achieve this,
SGXIO combines the benefits of SGX's easy programming model with traditional
hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure
debug enclaves to behave like secure production enclaves. SGXIO surpasses
traditional use cases in cloud computing and makes SGX technology usable for
protecting user-centric, local applications against kernel-level keyloggers and
the like. It is compatible with unmodified operating systems and works on a
modern commodity notebook out of the box. Hence, SGXIO is particularly
promising for the broad x86 community to which SGX is readily available.
Comment: To appear in CODASPY'1
S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX
Function-as-a-Service (FaaS) is a recent and already very popular paradigm in
cloud computing. The function provider need only specify the function to be
run, usually in a high-level language like JavaScript, and the service provider
orchestrates all the necessary infrastructure and software stacks. The function
provider is only billed for the actual computational resources used by the
function invocation. Compared to previous cloud paradigms, FaaS requires
significantly more fine-grained resource measurement mechanisms, e.g. to
measure compute time and memory usage of a single function invocation with
sub-second accuracy. Thanks to the short duration and stateless nature of
functions, and the availability of multiple open-source frameworks, FaaS
enables non-traditional service providers e.g. individuals or data centers with
spare capacity. However, this exacerbates the challenge of ensuring that
resource consumption is measured accurately and reported reliably. It also
raises the issues of ensuring computation is done correctly and minimizing the
amount of information leaked to service providers.
To address these challenges, we introduce S-FaaS, the first architecture and
implementation of FaaS to provide strong security and accountability guarantees
backed by Intel SGX. To match the dynamic event-driven nature of FaaS, our
design introduces a new key distribution enclave and a novel transitive
attestation protocol. A core contribution of S-FaaS is our set of resource
measurement mechanisms that securely measure compute time inside an enclave,
and actual memory allocations. We have integrated S-FaaS into the popular
OpenWhisk FaaS framework. We evaluate the security of our architecture, the
accuracy of our resource measurement mechanisms, and the performance of our
implementation, showing that our resource measurement mechanisms add less than
6.3% latency on standardized benchmarks.
On Verifying Resource Contracts using Code Contracts
In this paper we present an approach to check resource consumption contracts
using an off-the-shelf static analyzer.
We propose a set of annotations to support resource usage specifications, in
particular, dynamic memory consumption constraints. Since dynamic memory may be
recycled by a memory manager, the consumption of this resource is not monotone.
The specification language can express both memory consumption and lifetime
properties in a modular fashion.
We develop a proof-of-concept implementation by extending Code Contracts'
specification language. To verify the correctness of these annotations we rely
on the Code Contracts static verifier and a points-to analysis. We also briefly
discuss possible extensions of our approach to deal with non-linear
expressions.
Comment: In Proceedings LAFM 2013, arXiv:1401.056
Design and Experimental Validation of a Software-Defined Radio Access Network Testbed with Slicing Support
Network slicing is a fundamental feature of 5G systems to partition a single
network into a number of segregated logical networks, each optimized for a
particular type of service, or dedicated to a particular customer or
application. The realization of network slicing is particularly challenging in
the Radio Access Network (RAN) part, where multiple slices can be multiplexed
over the same radio channel and Radio Resource Management (RRM) functions shall
be used to split the cell radio resources and achieve the expected behaviour
per slice. In this context, this paper describes the key design and
implementation aspects of a Software-Defined RAN (SD-RAN) experimental testbed
with slicing support. The testbed has been designed consistently with the
slicing capabilities and related management framework established by 3GPP in
Release 15. The testbed is used to demonstrate the provisioning of RAN slices
(e.g. preparation, commissioning and activation phases) and the operation of
the implemented RRM functionality for slice-aware admission control and
scheduling.
Design and experimental validation of a software-defined radio access network testbed with slicing support
Network slicing is a fundamental feature of 5G systems to partition a single network into a number of segregated logical networks, each optimized for a particular type of service or dedicated to a particular customer or application. The realization of network slicing is particularly challenging in the Radio Access Network (RAN) part, where multiple slices can be multiplexed over the same radio channel and Radio Resource Management (RRM) functions shall be used to split the cell radio resources and achieve the expected behaviour per slice. In this context, this paper describes the key design and implementation aspects of a Software-Defined RAN (SD-RAN) experimental testbed with slicing support. The testbed has been designed consistently with the slicing capabilities and related management framework established by 3GPP in Release 15. The testbed is used to demonstrate the provisioning of RAN slices (e.g., preparation, commissioning, and activation phases) and the operation of the implemented RRM functionality for slice-aware admission control and scheduling.
Peer Reviewed. Postprint (published version
THE NEW-MEMBER PROBLEM IN THE COOPERATIVE MANAGEMENT OF HIGH SEAS FISHERIES
This paper discusses the threat that new members pose to the cooperative agreements in the management of straddling and highly migratory fish stocks and the possible solutions to this problem. In particular, the main solutions proposed in the fisheries literature are explored, namely the "transferable membership," the "waiting period" and the "fair sharing rule." The analysis is illustrated by a typical highly migratory species: the northern Atlantic bluefin tuna. The application of the analysis to the bluefin tuna fishery case study shows that, at present, the threat of the new members is not sufficient for the breakdown of the cooperative agreement. The simulation results for this case study show that both the "transferable membership" and the "fair sharing rule" solutions solve the potential new member threat.
Resource/Energy Economics and Policy
All that Glitters: A Review of Payments for Watershed Services in Developing Countries
This report reviews the current status of payments for watershed services in developing countries. It highlights the main trends in the evolution of these schemes, synthesising the available evidence on their environmental and social impacts, and drawing lessons for the design of future initiatives. The interest in payments for watershed services (PWS) as a tool for watershed management in developing countries is growing, despite major setbacks. This review identified 50 ongoing schemes, 8 advanced proposals and 37 preliminary proposals for PWS. A previous review published by the International Institute for Environment and Development (IIED) on markets and payments for environmental services (Silver Bullet or Fools' Gold? (Landell-Mills and Porras 2002)) identified just 41 proposed and ongoing PWS schemes in developing countries, which suggests a considerable growth in interest in this approach