Difference between revisions of "Prototyping SGX-MR: efficient access-pattern protection for SGX-based confidential data-intensive applications"
(Page create) |
(Added milestones and goals) |
||
Line 9: | Line 9: | ||
Student Research and Development Activities: The REU fellows will perform the following major tasks: • Survey state-of-the-art in access-pattern based side-channel attacks on SGX application • Develop and evaluate candidate solutions for the research problem. • Implement application modules using cryptographic algorithms • Implement client-side user interface to perform interactive analysis | Student Research and Development Activities: The REU fellows will perform the following major tasks: • Survey state-of-the-art in access-pattern based side-channel attacks on SGX application • Develop and evaluate candidate solutions for the research problem. • Implement application modules using cryptographic algorithms • Implement client-side user interface to perform interactive analysis | ||
− | + | ||
+ | |||
+ | |||
+ | ==Milestones and Goals== | ||
+ | {| class="wikitable" | ||
+ | |- | ||
+ | !Week | ||
+ | !Description | ||
+ | |- | ||
+ | | Week 1: Orientation | ||
+ | | | ||
+ | * Familiarize with Marquette, project and mentor | ||
+ | * Set milestones and goals for the project duration | ||
+ | * Attend Data Science bootcamp | ||
+ | * Familiarize myself with related technologies | ||
+ | |- | ||
+ | | Week 2: Prepare development environment | ||
+ | | | ||
+ | * Setup Linux test environment | ||
+ | * Familiarize myself with code of SGX-MR | ||
+ | * Begin investigating Message Queueing systems | ||
+ | |- | ||
+ | | Week 3: Implement logging | ||
+ | | | ||
+ | * Implement logging capabilities server side | ||
+ | * Begin work on message queueing and client side capabilities | ||
+ | |- | ||
+ | | Week 4: Continue development | ||
+ | | | ||
+ | * Continue work on client side functionality | ||
+ | * Begin GUI development for client side functionality | ||
+ | |- | ||
+ | | Week 5: Finish development | ||
+ | | | ||
+ | * Finish development | ||
+ | * Prepare and give presentation over work so far | ||
+ | |- | ||
+ | | Week 6: Begin research phase | ||
+ | | | ||
+ | * Understand deeper concepts of operating systems | ||
+ | |- | ||
+ | | Week 7: SGX Step | ||
+ | | | ||
+ | * Investigate applications of SGX Step | ||
+ | |- | ||
+ | | Week 8: Implement sample application | ||
+ | | | ||
+ | * Begin work on a sample application that utilizes SGX Step to fin page-faults | ||
+ | |- | ||
+ | | Week 9: SGX Step cont. | ||
+ | | | ||
+ | * Use SGX Step to find page-level access patterns | ||
+ | |- | ||
+ | | Week 10: Presenting Research | ||
+ | | | ||
+ | * Finish and present project | ||
+ | |} |
Revision as of 22:28, 11 June 2021
Title: Prototyping SGX-MR: efficient access-pattern protection for SGX-based confidential data-intensive applications
Mentor: Dr. Keke Chen
Summary: Intel SGX has been a popular trusted execution environment for protecting the integrity and confidentiality of cloud or edge applications. However, the secured program has to interact with the encrypted data in the unprotected memory area in data-intensive applications – the access pattern may leak important information to adversaries. Researchers have been experimenting with Oblivious RAM (ORAM) to address the privacy of access patterns, which is a powerful but expensive low-level primitive that provides application-agnostic protection for any I/O operations. We find that some application-specific access patterns, such as sequential block I/O, do not provide additional information to adversaries. Others, such as sorting, can be replaced with specific oblivious versions that are more efficient than ORAM. The challenge is that developers may need to look into all the details of application-specific access patterns to design efficient solutions, which is inconvenient. We have proposed the lightweight SGX-MR approach to regulating the dataflow of data-intensive SGX applications using the MapReduce framework and simplifying application development. With this framework, we only need to examine the stages of data access, identify the access patterns that need protection, and design corresponding efficient protection methods.
This REU study aims to develop a prototype system for SGX-MR. Based on the prototype system, we will perform in-depth analysis and further improve access-pattern protection, performance, and functionality of SGX-MR. Students will gain privacy and security-focused research and development experience, including secure computation with trusted execution environment, cryptographic algorithms, side-channel attacks, data visualization, and design and implementation of the client-side user interface.
Student Research and Development Activities: The REU fellows will perform the following major tasks: • Survey state-of-the-art in access-pattern based side-channel attacks on SGX application • Develop and evaluate candidate solutions for the research problem. • Implement application modules using cryptographic algorithms • Implement client-side user interface to perform interactive analysis
Milestones and Goals
Week | Description |
---|---|
Week 1: Orientation |
|
Week 2: Prepare development environment |
|
Week 3: Implement logging |
|
Week 4: Continue development |
|
Week 5: Finish development |
|
Week 6: Begin research phase |
|
Week 7: SGX Step |
|
Week 8: Implement sample application |
|
Week 9: SGX Step cont. |
|
Week 10: Presenting Research |
|