Squad : a secure, simple storage service for SGXbased microservices.

Detalhes bibliográficos
Autor(a) principal: SILVA, Matheus Sthefano Leite da.
Data de Publicação: 2019
Tipo de documento: Trabalho de conclusão de curso
Idioma: por
Título da fonte: Biblioteca Digital de Teses e Dissertações da UFCG
Texto Completo: http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
Resumo: Intel SGX has been the subject of numerous research and development projects. Moreover, this technology has been considered a robust option to secure the data being processed in cloud environments. Despite this, configuring SGX-based applications in complex and dynamic scenarios such as microservice architectures is still a challenge. The process of configuring such applications must guarantee the trustworthiness of the services, and must be simple and efficient.We then propose a solution for configuring and provisioning secrets to SGX-based applications made with help of the Intel SGX SDK. We present a simple solution that can be easily validated and hardened. Also, the solution is pluggable and can be extended to fit specific requirements or leverage other tools (e.g., for data persistence). In addition to describing our proposal, we also provide an evaluation that shows low overhead to the initialization and configuration time of SGX microservices deployed on Kubernetes. This work contributes to the state-of-the-art of research on using trusted execution environments in cloud computing.
id UFCG_2984ceb4566b493bae79e596487edeb3
oai_identifier_str oai:localhost:riufcg/20757
network_acronym_str UFCG
network_name_str Biblioteca Digital de Teses e Dissertações da UFCG
repository_id_str 4851
spelling Squad : a secure, simple storage service for SGXbased microservices.Squad : a secure, simple storage service for SGXbased microservices.Microservices architectureIntel SXGSecurityStorage serviceSXG-based microservicesCiência da Computação.Intel SGX has been the subject of numerous research and development projects. Moreover, this technology has been considered a robust option to secure the data being processed in cloud environments. Despite this, configuring SGX-based applications in complex and dynamic scenarios such as microservice architectures is still a challenge. The process of configuring such applications must guarantee the trustworthiness of the services, and must be simple and efficient.We then propose a solution for configuring and provisioning secrets to SGX-based applications made with help of the Intel SGX SDK. We present a simple solution that can be easily validated and hardened. Also, the solution is pluggable and can be extended to fit specific requirements or leverage other tools (e.g., for data persistence). In addition to describing our proposal, we also provide an evaluation that shows low overhead to the initialization and configuration time of SGX microservices deployed on Kubernetes. This work contributes to the state-of-the-art of research on using trusted execution environments in cloud computing.Universidade Federal de Campina GrandeBrasilCentro de Engenharia Elétrica e Informática - CEEIUFCGBRITO, Andrey Elísio Monteiro.BRITO, A. E. M.http://lattes.cnpq.br/2634324830901340GOMES, Herman Martins.GOMES, H. M.MASSONI, Tiago Lima.MASSONI, T. L.SILVA, Matheus Sthefano Leite da.2019-07-022021-08-20T20:56:36Z2021-08-202021-08-20T20:56:36Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/bachelorThesishttp://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757SILVA, Matheus Sthefano Leite da. Squad : a secure, simple storage service for SGXbased microservices. 2019. 13f. (Trabalho de Conclusão de Curso - Artigo) – Curso de Bacharelado em Ciência da Computação, Centro de Engenharia Elétrica e Informática, Universidade Federal de Campina Grande, Paraíba, Brasil, 2019. Disponível em: http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757porinfo:eu-repo/semantics/openAccessreponame:Biblioteca Digital de Teses e Dissertações da UFCGinstname:Universidade Federal de Campina Grande (UFCG)instacron:UFCG2021-08-20T20:57:21Zoai:localhost:riufcg/20757Biblioteca Digital de Teses e Dissertaçõeshttp://bdtd.ufcg.edu.br/PUBhttp://dspace.sti.ufcg.edu.br:8080/oai/requestbdtd@setor.ufcg.edu.br || bdtd@setor.ufcg.edu.bropendoar:48512021-08-20T20:57:21Biblioteca Digital de Teses e Dissertações da UFCG - Universidade Federal de Campina Grande (UFCG)false
dc.title.none.fl_str_mv Squad : a secure, simple storage service for SGXbased microservices.
Squad : a secure, simple storage service for SGXbased microservices.
title Squad : a secure, simple storage service for SGXbased microservices.
spellingShingle Squad : a secure, simple storage service for SGXbased microservices.
SILVA, Matheus Sthefano Leite da.
Microservices architecture
Intel SXG
Security
Storage service
SXG-based microservices
Ciência da Computação.
title_short Squad : a secure, simple storage service for SGXbased microservices.
title_full Squad : a secure, simple storage service for SGXbased microservices.
title_fullStr Squad : a secure, simple storage service for SGXbased microservices.
title_full_unstemmed Squad : a secure, simple storage service for SGXbased microservices.
title_sort Squad : a secure, simple storage service for SGXbased microservices.
author SILVA, Matheus Sthefano Leite da.
author_facet SILVA, Matheus Sthefano Leite da.
author_role author
dc.contributor.none.fl_str_mv BRITO, Andrey Elísio Monteiro.
BRITO, A. E. M.
http://lattes.cnpq.br/2634324830901340
GOMES, Herman Martins.
GOMES, H. M.
MASSONI, Tiago Lima.
MASSONI, T. L.
dc.contributor.author.fl_str_mv SILVA, Matheus Sthefano Leite da.
dc.subject.por.fl_str_mv Microservices architecture
Intel SXG
Security
Storage service
SXG-based microservices
Ciência da Computação.
topic Microservices architecture
Intel SXG
Security
Storage service
SXG-based microservices
Ciência da Computação.
description Intel SGX has been the subject of numerous research and development projects. Moreover, this technology has been considered a robust option to secure the data being processed in cloud environments. Despite this, configuring SGX-based applications in complex and dynamic scenarios such as microservice architectures is still a challenge. The process of configuring such applications must guarantee the trustworthiness of the services, and must be simple and efficient.We then propose a solution for configuring and provisioning secrets to SGX-based applications made with help of the Intel SGX SDK. We present a simple solution that can be easily validated and hardened. Also, the solution is pluggable and can be extended to fit specific requirements or leverage other tools (e.g., for data persistence). In addition to describing our proposal, we also provide an evaluation that shows low overhead to the initialization and configuration time of SGX microservices deployed on Kubernetes. This work contributes to the state-of-the-art of research on using trusted execution environments in cloud computing.
publishDate 2019
dc.date.none.fl_str_mv 2019-07-02
2021-08-20T20:56:36Z
2021-08-20
2021-08-20T20:56:36Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/bachelorThesis
format bachelorThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
SILVA, Matheus Sthefano Leite da. Squad : a secure, simple storage service for SGXbased microservices. 2019. 13f. (Trabalho de Conclusão de Curso - Artigo) – Curso de Bacharelado em Ciência da Computação, Centro de Engenharia Elétrica e Informática, Universidade Federal de Campina Grande, Paraíba, Brasil, 2019. Disponível em: http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
url http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
identifier_str_mv SILVA, Matheus Sthefano Leite da. Squad : a secure, simple storage service for SGXbased microservices. 2019. 13f. (Trabalho de Conclusão de Curso - Artigo) – Curso de Bacharelado em Ciência da Computação, Centro de Engenharia Elétrica e Informática, Universidade Federal de Campina Grande, Paraíba, Brasil, 2019. Disponível em: http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
dc.language.iso.fl_str_mv por
language por
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.publisher.none.fl_str_mv Universidade Federal de Campina Grande
Brasil
Centro de Engenharia Elétrica e Informática - CEEI
UFCG
publisher.none.fl_str_mv Universidade Federal de Campina Grande
Brasil
Centro de Engenharia Elétrica e Informática - CEEI
UFCG
dc.source.none.fl_str_mv reponame:Biblioteca Digital de Teses e Dissertações da UFCG
instname:Universidade Federal de Campina Grande (UFCG)
instacron:UFCG
instname_str Universidade Federal de Campina Grande (UFCG)
instacron_str UFCG
institution UFCG
reponame_str Biblioteca Digital de Teses e Dissertações da UFCG
collection Biblioteca Digital de Teses e Dissertações da UFCG
repository.name.fl_str_mv Biblioteca Digital de Teses e Dissertações da UFCG - Universidade Federal de Campina Grande (UFCG)
repository.mail.fl_str_mv bdtd@setor.ufcg.edu.br || bdtd@setor.ufcg.edu.br
_version_ 1809744505691176960

Registros relacionados