Outline: An Extensive and Secure Personal Data Management System Using SGX

International audiencePersonal Data Management System (PDMS) solutions are currently flourishing, spurred by new privacy regulations such as GDPR and new legal concepts like data altruism. PDMSs aim to empower individuals by providing appropriate tools to collect and manage their personal data and share computed results with third parties, thus requiring (i) a secure platform protecting the user’s privacy and delivering strong guarantees on the outputs of user’s data processing, and (ii) an extensible solution that supports all types of data-driven computation

An Extensive and Secure Personal Data Management System Using SGX

International audiencePersonal Data Management System (PDMS) solutions are currently flourishing, spurred by new privacy regulations such as GDPR and new legal concepts like data altruism. PDMSs aim to empower individuals by providing appropriate tools to collect and manage their personal data and share computed results with third parties, thus requiring (i) a secure platform protecting the user's privacy and delivering strong guarantees on the outputs of user's data processing, and (ii) an extensible solution that supports all types of data-driven computations. In previous works, we analyzed these requirements and proposed an Extensive and Secure PDMS (ES-PDMS) logical architecture. This demonstration presents the first ES-PDMS prototype based on SGX enclaves, focusing on its security properties with the help of several concrete scenarios and interactive games

New development in the CMS ECAL Level-1 trigger system to meet the challenges of LHC Run 2

The CMS Electromagnetic Calorimeter (ECAL) provides energy sums to the Level-1 calorimeter trigger at a rate of 40 MHz. The processing of these trigger primitives (TPs) is performed by dedicated trigger concentrator cards (TCCs) located in the CMS service cavern. Updates to the functionality of the TCCs are required to respond to the challenging experimental conditions of LHC Run 2, where the center-of-mass of proton-proton collision energy was 13 TeV and the peak instantaneous luminosity of the proton beams reached 2x10$^{34}$ cm$^{-2}$s$^{-1}$. A new algorithm, termed the Cumulative Overflow Killing Engine (COKE), has been developed and implemented via software and firmware updates to the TCCs in order to automatically detect and mask noisy or problematic TPs via configurable thresholds. The auto-recovery of the TCC from Single Event Upsets (SEUs) has also been improved. This allows the detector to trigger efficiently without direct expert intervention, and the thresholds can evolve with evolving LHC conditions

Flexible online monitoring for high-energy physics with Pyrame

International audienceThe present work reports on the new online monitoring capabilities of the software suite Pyrame, an open-source framework designed for high energy physics (HEP) applications. Pyrame provides an easy-to-deploy solution for command, control and data-acquisition of particle detectors and related test-benches. Pyrame’s new online monitoring architecture is based on the distribution of the data treatment operations among multiple modules in the system, with multiple input and output streams. Uncontrolled data loss is prevented by providing data at the speed of consumers. In addition to the distributed data treatment capabilities, Pyrame includes a performance-oriented module dedicated to real-time data acquisition, capable of handling and storing data at 4 Gbit/s for further treatment

Pyrame, a rapid-prototyping framework for online systems

International audienceThe present work reports on the software Pyrame, an open-source online framework designed with high-energy physics applications in mind and providing a light-weight, distributed, stable, performant and easy-to-deploy solution. Pyrame is a data-acquisition chain, a data- exchange network protocol and a wide set of drivers allowing the control of hardware components. Data-acquisition throughput is on the order of 4 Gb/s for memory to memory acquisitions and Pyrame protocol overhead is about 50 µs per command/response using the stock tools

An Extensive and Secure Personal Data Management System Using SGX

National audiencePersonal Data Management System (PDMS) solutions are currently flourishing, spurred by new privacy regulations such as GDPR and new legal concepts like data altruism. PDMSs aim to empower individuals by providing appropriate tools to collect and manage their personal data and share computed results with third parties, thus requiring (i) a secure platform protecting the user's privacy and delivering strong guarantees on the outputs of user's data processing, and (ii) an extensible solution that supports all types of data-driven computations. In previous works, we analyzed these requirements and proposed an Extensive and Secure PDMS (ES-PDMS) logical architecture. This demonstration presents the first ES-PDMS prototype based on SGX enclaves, focusing on its security properties with the help of several concrete scenarios and interactive games

Outline: An Extensive and Secure Personal Data Management System Using SGX

International audiencePersonal Data Management System (PDMS) solutions are currently flourishing, spurred by new privacy regulations such as GDPR and new legal concepts like data altruism. PDMSs aim to empower individuals by providing appropriate tools to collect and manage their personal data and share computed results with third parties, thus requiring (i) a secure platform protecting the user’s privacy and delivering strong guarantees on the outputs of user’s data processing, and (ii) an extensible solution that supports all types of data-driven computation

An Extensive and Secure Personal Data Management System Using SGX

International audiencePersonal Data Management System (PDMS) solutions are currently flourishing, spurred by new privacy regulations such as GDPR and new legal concepts like data altruism. PDMSs aim to empower individuals by providing appropriate tools to collect and manage their personal data and share computed results with third parties, thus requiring (i) a secure platform protecting the user's privacy and delivering strong guarantees on the outputs of user's data processing, and (ii) an extensible solution that supports all types of data-driven computations. In previous works, we analyzed these requirements and proposed an Extensive and Secure PDMS (ES-PDMS) logical architecture. This demonstration presents the first ES-PDMS prototype based on SGX enclaves, focusing on its security properties with the help of several concrete scenarios and interactive games

New development in the CMS ECAL Level-1 trigger system to meet the challenges of LHC Run 2

International audienceAbstract - The CMS Electromagnetic Calorimeter (ECAL) provides energy sums to the Level-1Calorimeter Trigger at a rate of 40 MHz. The processing of these trigger primitives (TPs) isperformed by dedicated trigger concentrator cards (TCCs) located in the CMS service cavern.Updates to the functionality of the TCCs were required to respond to the challengingexperimental conditions of LHC Run 2, where the center-of-mass of proton-proton collisionenergy was 13 TeV and the peak instantaneous luminosity of the proton beams reached 2x1034cm$^{-2}$ s$^{-1}$. A new algorithm, termed the Cumulative Overflow Killing Engine (COKE), has beendeveloped and implemented via software and firmware updates to the TCCs in order toautomatically detect and mask noisy or problematic TPs via configurable thresholds. The autorecovery of the TCCs has also been improved, to manage the Single Event Upsets (SEUs) fromthe front-end electronics. This allows the detector to trigger efficiently without direct expertintervention, and the thresholds can evolve with evolving LHC conditions