1,981 research outputs found
S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX
Function-as-a-Service (FaaS) is a recent and already very popular paradigm in
cloud computing. The function provider need only specify the function to be
run, usually in a high-level language like JavaScript, and the service provider
orchestrates all the necessary infrastructure and software stacks. The function
provider is only billed for the actual computational resources used by the
function invocation. Compared to previous cloud paradigms, FaaS requires
significantly more fine-grained resource measurement mechanisms, e.g. to
measure compute time and memory usage of a single function invocation with
sub-second accuracy. Thanks to the short duration and stateless nature of
functions, and the availability of multiple open-source frameworks, FaaS
enables non-traditional service providers e.g. individuals or data centers with
spare capacity. However, this exacerbates the challenge of ensuring that
resource consumption is measured accurately and reported reliably. It also
raises the issues of ensuring computation is done correctly and minimizing the
amount of information leaked to service providers.
To address these challenges, we introduce S-FaaS, the first architecture and
implementation of FaaS to provide strong security and accountability guarantees
backed by Intel SGX. To match the dynamic event-driven nature of FaaS, our
design introduces a new key distribution enclave and a novel transitive
attestation protocol. A core contribution of S-FaaS is our set of resource
measurement mechanisms that securely measure compute time inside an enclave,
and actual memory allocations. We have integrated S-FaaS into the popular
OpenWhisk FaaS framework. We evaluate the security of our architecture, the
accuracy of our resource measurement mechanisms, and the performance of our
implementation, showing that our resource measurement mechanisms add less than
6.3% latency on standardized benchmarks
On ‘Organized Crime’ in the illicit antiquities trade: moving beyond the definitional debate
The extent to which ‘organized crime’ is involved in illicit antiquities trafficking is unknown and frequently debated. This paper explores the significance and scale of the illicit antiquities trade as a unique transnational criminal phenomenon that is often said to be perpetrated by and exhibit traits of so-called ‘organized crime.’ The definitional debate behind the term ‘organized crime’ is considered as a potential problem impeding our understanding of its existence or extent in illicit antiquities trafficking, and a basic progression-based model is then suggested as a new tool to move beyond the definitional debate for future research that may help to elucidate the actors, processes and criminal dynamics taking place within the illicit antiquities trade from source to market. The paper concludes that researchers should focus not on the question of whether organized criminals- particularly in a traditionally conceived, mafia-type stereotypical sense- are involved in the illicit antiquities trade, but instead on the structure and progression of antiquities trafficking itself that embody both organized and criminal dynamics
Migrating SGX Enclaves with Persistent State
Hardware-supported security mechanisms like Intel Software Guard Extensions
(SGX) provide strong security guarantees, which are particularly relevant in
cloud settings. However, their reliance on physical hardware conflicts with
cloud practices, like migration of VMs between physical platforms. For
instance, the SGX trusted execution environment (enclave) is bound to a single
physical CPU.
Although prior work has proposed an effective mechanism to migrate an
enclave's data memory, it overlooks the migration of persistent state,
including sealed data and monotonic counters; the former risks data loss whilst
the latter undermines the SGX security guarantees. We show how this can be
exploited to mount attacks, and then propose an improved enclave migration
approach guaranteeing the consistency of persistent state. Our software-only
approach enables migratable sealed data and monotonic counters, maintains all
SGX security guarantees, minimizes developer effort, and incurs negligible
performance overhead
Phase transition in inelastic disks
This letter investigates the molecular dynamics of inelastic disks without
external forcing. By introducing a new observation frame with a rescaled time,
we observe the virtual steady states converted from asymptotic energy
dissipation processes. System behavior in the thermodynamic limit is carefully
investigated. It is found that a phase transition with symmetry breaking occurs
when the magnitude of dissipation is greater than a critical value.Comment: 9 pages, 6 figure
Free energies of crystalline solids: a lattice-switch Monte Carlo method
We present a method for the direct evaluation of the difference between the
free energies of two crystalline structures, of different symmetry. The method
rests on a Monte Carlo procedure which allows one to sample along a path,
through atomic-displacement-space, leading from one structure to the other by
way of an intervening transformation that switches one set of lattice vectors
for another. The configurations of both structures can thus be sampled within a
single Monte Carlo process, and the difference between their free energies
evaluated directly from the ratio of the measured probabilities of each. The
method is used to determine the difference between the free energies of the fcc
and hcp crystalline phases of a system of hard spheres.Comment: 5 pages Revtex, 3 figure
Stacking Entropy of Hard Sphere Crystals
Classical hard spheres crystallize at equilibrium at high enough density.
Crystals made up of stackings of 2-dimensional hexagonal close-packed layers
(e.g. fcc, hcp, etc.) differ in entropy by only about per sphere
(all configurations are degenerate in energy). To readily resolve and study
these small entropy differences, we have implemented two different
multicanonical Monte Carlo algorithms that allow direct equilibration between
crystals with different stacking sequences. Recent work had demonstrated that
the fcc stacking has higher entropy than the hcp stacking. We have studied
other stackings to demonstrate that the fcc stacking does indeed have the
highest entropy of ALL possible stackings. The entropic interactions we could
detect involve three, four and (although with less statistical certainty) five
consecutive layers of spheres. These interlayer entropic interactions fall off
in strength with increasing distance, as expected; this fall-off appears to be
much slower near the melting density than at the maximum (close-packing)
density. At maximum density the entropy difference between fcc and hcp
stackings is per sphere, which is roughly 30% higher
than the same quantity measured near the melting transition.Comment: 15 page
Theory of Second and Higher Order Stochastic Processes
This paper presents a general approach to linear stochastic processes driven
by various random noises. Mathematically, such processes are described by
linear stochastic differential equations of arbitrary order (the simplest
non-trivial example is , where is not a Gaussian white
noise). The stochastic process is discretized into time-steps, all possible
realizations are summed up and the continuum limit is taken. This procedure
often yields closed form formulas for the joint probability distributions.
Completely worked out examples include all Gaussian random forces and a large
class of Markovian (non-Gaussian) forces. This approach is also useful for
deriving Fokker-Planck equations for the probability distribution functions.
This is worked out for Gaussian noises and for the Markovian dichotomous noise.Comment: 35 pages, PlainTex, accepted for publication in Phys Rev. E
Frustrated spin model as a hard-sphere liquid
We show that one-dimensional topological objects (kinks) are natural degrees
of freedom for an antiferromagnetic Ising model on a triangular lattice. Its
ground states and the coexistence of spin ordering with an extensive
zero-temperature entropy can be easily understood in terms of kinks forming a
hard-sphere liquid. Using this picture we explain effects of quantum spin
dynamics on that frustrated model, which we also study numerically.Comment: 5 pages, 3 figure
Safety and immunogenicity of a new tuberculosis vaccine, MVA85A, in mycobacterium tuberculosis–infected individuals
Copyright © 2009 by the American Thoracic Society.Rationale: An effective new tuberculosis (TB) vaccine regimen must be safe in individuals with latent TB infection (LTBI) and is a priority for global health care.
Objectives: To evaluate the safety and immunogenicity of a leading new TB vaccine, recombinant Modified Vaccinia Ankara expressing Antigen 85A (MVA85A) in individuals with LTBI.
Methods: An open-label, phase I trial of MVA85A was performed in 12 subjects with LTBI recruited from TB contact clinics in Oxford and London or by poster advertisements in Oxford hospitals. Patients were assessed clinically and had blood samples drawn for immunological analysis over a 52-week period after vaccination with MVA85A. Thoracic computed tomography scans were performed at baseline and at 10 weeks after vaccination. Safety of MVA85A was assessed by clinical, radiological, and inflammatory markers. The immunogenicity of MVA85A was assessed by IFNγ and IL-2 ELISpot assays and FACS.
Measurements and Main Results: MVA85A was safe in subjects with LTBI, with comparable adverse events to previous trials of MVA85A. There were no clinically significant changes in inflammatory markers or thoracic computed tomography scans after vaccination. MVA85A induced a strong antigen-specific IFN-γ and IL-2 response that was durable for 52 weeks. The magnitude of IFN-γ response was comparable to previous trials of MVA85A in bacillus Calmette-Guérin–vaccinated individuals. Antigen 85A–specific polyfunctional CD4+ T cells were detectable prior to vaccination with statistically significant increases in cell numbers after vaccination.
Conclusions: MVA85A is safe and highly immunogenic in individuals with LTBI. These results will facilitate further trials in TB-endemic areas.Oxford Biomedical Research Centre, Wellcome Trust, and AFTBVAC
- …