Squad : a secure, simple storage service for SGXbased microservices.

Detalhes bibliográficos
Autor(a) principal: SILVA, Matheus Sthefano Leite da.
Data de Publicação: 2019
Tipo de documento: Trabalho de conclusão de curso
Idioma: por
Título da fonte: Biblioteca Digital de Teses e Dissertações da UFCG
Texto Completo: http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
Resumo: Intel SGX has been the subject of numerous research and development projects. Moreover, this technology has been considered a robust option to secure the data being processed in cloud environments. Despite this, configuring SGX-based applications in complex and dynamic scenarios such as microservice architectures is still a challenge. The process of configuring such applications must guarantee the trustworthiness of the services, and must be simple and efficient.We then propose a solution for configuring and provisioning secrets to SGX-based applications made with help of the Intel SGX SDK. We present a simple solution that can be easily validated and hardened. Also, the solution is pluggable and can be extended to fit specific requirements or leverage other tools (e.g., for data persistence). In addition to describing our proposal, we also provide an evaluation that shows low overhead to the initialization and configuration time of SGX microservices deployed on Kubernetes. This work contributes to the state-of-the-art of research on using trusted execution environments in cloud computing.
id UFCG_2984ceb4566b493bae79e596487edeb3
oai_identifier_str oai:localhost:riufcg/20757
network_acronym_str UFCG
network_name_str Biblioteca Digital de Teses e Dissertações da UFCG
repository_id_str 4851
spelling BRITO, Andrey Elísio Monteiro.BRITO, A. E. M.http://lattes.cnpq.br/2634324830901340GOMES, Herman Martins.GOMES, H. M.MASSONI, Tiago Lima.MASSONI, T. L.SILVA, M. S. L.SILVA, Matheus Sthefano Leite da.Universidade Federal de Campina GrandeUFCGBrasilCentro de Engenharia Elétrica e Informática - CEEICiência da Computação.Microservices architectureIntel SXGSecurityStorage serviceSXG-based microservicesSquad : a secure, simple storage service for SGXbased microservices.Squad : a secure, simple storage service for SGXbased microservices.2019-07-022021-08-20T20:56:36Z2021-08-202021-08-20T20:56:36ZIntel SGX has been the subject of numerous research and development projects. Moreover, this technology has been considered a robust option to secure the data being processed in cloud environments. Despite this, configuring SGX-based applications in complex and dynamic scenarios such as microservice architectures is still a challenge. The process of configuring such applications must guarantee the trustworthiness of the services, and must be simple and efficient.We then propose a solution for configuring and provisioning secrets to SGX-based applications made with help of the Intel SGX SDK. We present a simple solution that can be easily validated and hardened. Also, the solution is pluggable and can be extended to fit specific requirements or leverage other tools (e.g., for data persistence). In addition to describing our proposal, we also provide an evaluation that shows low overhead to the initialization and configuration time of SGX microservices deployed on Kubernetes. This work contributes to the state-of-the-art of research on using trusted execution environments in cloud computing.Submitted by Joana Darc Morais da Silva (darc.campo@gmail.com) on 2021-08-20T20:56:36Z No. of bitstreams: 1 MATHEUS STHEFANO LEITE DA SILVA - TCC CIÊNCIA DA COMPUTAÇÃO 2019.pdf: 712295 bytes, checksum: 13959f2c6a39e563a4ab23ce6d893936 (MD5)Made available in DSpace on 2021-08-20T20:56:36Z (GMT). No. of bitstreams: 1 MATHEUS STHEFANO LEITE DA SILVA - TCC CIÊNCIA DA COMPUTAÇÃO 2019.pdf: 712295 bytes, checksum: 13959f2c6a39e563a4ab23ce6d893936 (MD5) Previous issue date: 2019-07-02http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757SILVA, Matheus Sthefano Leite da. Squad : a secure, simple storage service for SGXbased microservices. 2019. 13f. (Trabalho de Conclusão de Curso - Artigo) – Curso de Bacharelado em Ciência da Computação, Centro de Engenharia Elétrica e Informática, Universidade Federal de Campina Grande, Paraíba, Brasil, 2019. Disponível em: http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/bachelorThesisporinfo:eu-repo/semantics/openAccessreponame:Biblioteca Digital de Teses e Dissertações da UFCGinstname:Universidade Federal de Campina Grande (UFCG)instacron:UFCGLICENSElicense.txtlicense.txttext/plain; charset=utf-81748http://dspace.sti.ufcg.edu.br:8080/xmlui/bitstream/riufcg/20757/2/license.txt8a4605be74aa9ea9d79846c1fba20a33MD52ORIGINALMATHEUS STHEFANO LEITE DA SILVA - TCC CIÊNCIA DA COMPUTAÇÃO 2019.pdfMATHEUS STHEFANO LEITE DA SILVA - TCC CIÊNCIA DA COMPUTAÇÃO 2019.pdfapplication/pdf712295http://dspace.sti.ufcg.edu.br:8080/xmlui/bitstream/riufcg/20757/1/MATHEUS+STHEFANO+LEITE+DA+SILVA+-+TCC+CI%C3%8ANCIA+DA+COMPUTA%C3%87%C3%83O+2019.pdf13959f2c6a39e563a4ab23ce6d893936MD51riufcg/207572021-08-20 17:57:21.988oai:localhost:riufcg/20757Tk9URTogUExBQ0UgWU9VUiBPV04gTElDRU5TRSBIRVJFClRoaXMgc2FtcGxlIGxpY2Vuc2UgaXMgcHJvdmlkZWQgZm9yIGluZm9ybWF0aW9uYWwgcHVycG9zZXMgb25seS4KCk5PTi1FWENMVVNJVkUgRElTVFJJQlVUSU9OIExJQ0VOU0UKCkJ5IHNpZ25pbmcgYW5kIHN1Ym1pdHRpbmcgdGhpcyBsaWNlbnNlLCB5b3UgKHRoZSBhdXRob3Iocykgb3IgY29weXJpZ2h0Cm93bmVyKSBncmFudHMgdG8gRFNwYWNlIFVuaXZlcnNpdHkgKERTVSkgdGhlIG5vbi1leGNsdXNpdmUgcmlnaHQgdG8gcmVwcm9kdWNlLAp0cmFuc2xhdGUgKGFzIGRlZmluZWQgYmVsb3cpLCBhbmQvb3IgZGlzdHJpYnV0ZSB5b3VyIHN1Ym1pc3Npb24gKGluY2x1ZGluZwp0aGUgYWJzdHJhY3QpIHdvcmxkd2lkZSBpbiBwcmludCBhbmQgZWxlY3Ryb25pYyBmb3JtYXQgYW5kIGluIGFueSBtZWRpdW0sCmluY2x1ZGluZyBidXQgbm90IGxpbWl0ZWQgdG8gYXVkaW8gb3IgdmlkZW8uCgpZb3UgYWdyZWUgdGhhdCBEU1UgbWF5LCB3aXRob3V0IGNoYW5naW5nIHRoZSBjb250ZW50LCB0cmFuc2xhdGUgdGhlCnN1Ym1pc3Npb24gdG8gYW55IG1lZGl1bSBvciBmb3JtYXQgZm9yIHRoZSBwdXJwb3NlIG9mIHByZXNlcnZhdGlvbi4KCllvdSBhbHNvIGFncmVlIHRoYXQgRFNVIG1heSBrZWVwIG1vcmUgdGhhbiBvbmUgY29weSBvZiB0aGlzIHN1Ym1pc3Npb24gZm9yCnB1cnBvc2VzIG9mIHNlY3VyaXR5LCBiYWNrLXVwIGFuZCBwcmVzZXJ2YXRpb24uCgpZb3UgcmVwcmVzZW50IHRoYXQgdGhlIHN1Ym1pc3Npb24gaXMgeW91ciBvcmlnaW5hbCB3b3JrLCBhbmQgdGhhdCB5b3UgaGF2ZQp0aGUgcmlnaHQgdG8gZ3JhbnQgdGhlIHJpZ2h0cyBjb250YWluZWQgaW4gdGhpcyBsaWNlbnNlLiBZb3UgYWxzbyByZXByZXNlbnQKdGhhdCB5b3VyIHN1Ym1pc3Npb24gZG9lcyBub3QsIHRvIHRoZSBiZXN0IG9mIHlvdXIga25vd2xlZGdlLCBpbmZyaW5nZSB1cG9uCmFueW9uZSdzIGNvcHlyaWdodC4KCklmIHRoZSBzdWJtaXNzaW9uIGNvbnRhaW5zIG1hdGVyaWFsIGZvciB3aGljaCB5b3UgZG8gbm90IGhvbGQgY29weXJpZ2h0LAp5b3UgcmVwcmVzZW50IHRoYXQgeW91IGhhdmUgb2J0YWluZWQgdGhlIHVucmVzdHJpY3RlZCBwZXJtaXNzaW9uIG9mIHRoZQpjb3B5cmlnaHQgb3duZXIgdG8gZ3JhbnQgRFNVIHRoZSByaWdodHMgcmVxdWlyZWQgYnkgdGhpcyBsaWNlbnNlLCBhbmQgdGhhdApzdWNoIHRoaXJkLXBhcnR5IG93bmVkIG1hdGVyaWFsIGlzIGNsZWFybHkgaWRlbnRpZmllZCBhbmQgYWNrbm93bGVkZ2VkCndpdGhpbiB0aGUgdGV4dCBvciBjb250ZW50IG9mIHRoZSBzdWJtaXNzaW9uLgoKSUYgVEhFIFNVQk1JU1NJT04gSVMgQkFTRUQgVVBPTiBXT1JLIFRIQVQgSEFTIEJFRU4gU1BPTlNPUkVEIE9SIFNVUFBPUlRFRApCWSBBTiBBR0VOQ1kgT1IgT1JHQU5JWkFUSU9OIE9USEVSIFRIQU4gRFNVLCBZT1UgUkVQUkVTRU5UIFRIQVQgWU9VIEhBVkUKRlVMRklMTEVEIEFOWSBSSUdIVCBPRiBSRVZJRVcgT1IgT1RIRVIgT0JMSUdBVElPTlMgUkVRVUlSRUQgQlkgU1VDSApDT05UUkFDVCBPUiBBR1JFRU1FTlQuCgpEU1Ugd2lsbCBjbGVhcmx5IGlkZW50aWZ5IHlvdXIgbmFtZShzKSBhcyB0aGUgYXV0aG9yKHMpIG9yIG93bmVyKHMpIG9mIHRoZQpzdWJtaXNzaW9uLCBhbmQgd2lsbCBub3QgbWFrZSBhbnkgYWx0ZXJhdGlvbiwgb3RoZXIgdGhhbiBhcyBhbGxvd2VkIGJ5IHRoaXMKbGljZW5zZSwgdG8geW91ciBzdWJtaXNzaW9uLgo=Biblioteca Digital de Teses e Dissertaçõeshttp://bdtd.ufcg.edu.br/PUBhttp://dspace.sti.ufcg.edu.br:8080/oai/requestbdtd@setor.ufcg.edu.br || bdtd@setor.ufcg.edu.bropendoar:48512024-07-01T10:22:34.902175Biblioteca Digital de Teses e Dissertações da UFCG - Universidade Federal de Campina Grande (UFCG)false
dc.title.pt_BR.fl_str_mv Squad : a secure, simple storage service for SGXbased microservices.
dc.title.alternative.pt_BR.fl_str_mv Squad : a secure, simple storage service for SGXbased microservices.
title Squad : a secure, simple storage service for SGXbased microservices.
spellingShingle Squad : a secure, simple storage service for SGXbased microservices.
SILVA, Matheus Sthefano Leite da.
Ciência da Computação.
Microservices architecture
Intel SXG
Security
Storage service
SXG-based microservices
title_short Squad : a secure, simple storage service for SGXbased microservices.
title_full Squad : a secure, simple storage service for SGXbased microservices.
title_fullStr Squad : a secure, simple storage service for SGXbased microservices.
title_full_unstemmed Squad : a secure, simple storage service for SGXbased microservices.
title_sort Squad : a secure, simple storage service for SGXbased microservices.
author SILVA, Matheus Sthefano Leite da.
author_facet SILVA, Matheus Sthefano Leite da.
author_role author
dc.contributor.advisor1.fl_str_mv BRITO, Andrey Elísio Monteiro.
dc.contributor.advisor1ID.fl_str_mv BRITO, A. E. M.
dc.contributor.advisor1Lattes.fl_str_mv http://lattes.cnpq.br/2634324830901340
dc.contributor.referee1.fl_str_mv GOMES, Herman Martins.
dc.contributor.referee1ID.fl_str_mv GOMES, H. M.
dc.contributor.referee2.fl_str_mv MASSONI, Tiago Lima.
dc.contributor.referee2ID.fl_str_mv MASSONI, T. L.
dc.contributor.authorID.fl_str_mv SILVA, M. S. L.
dc.contributor.author.fl_str_mv SILVA, Matheus Sthefano Leite da.
contributor_str_mv BRITO, Andrey Elísio Monteiro.
GOMES, Herman Martins.
MASSONI, Tiago Lima.
dc.subject.cnpq.fl_str_mv Ciência da Computação.
topic Ciência da Computação.
Microservices architecture
Intel SXG
Security
Storage service
SXG-based microservices
dc.subject.por.fl_str_mv Microservices architecture
Intel SXG
Security
Storage service
SXG-based microservices
description Intel SGX has been the subject of numerous research and development projects. Moreover, this technology has been considered a robust option to secure the data being processed in cloud environments. Despite this, configuring SGX-based applications in complex and dynamic scenarios such as microservice architectures is still a challenge. The process of configuring such applications must guarantee the trustworthiness of the services, and must be simple and efficient.We then propose a solution for configuring and provisioning secrets to SGX-based applications made with help of the Intel SGX SDK. We present a simple solution that can be easily validated and hardened. Also, the solution is pluggable and can be extended to fit specific requirements or leverage other tools (e.g., for data persistence). In addition to describing our proposal, we also provide an evaluation that shows low overhead to the initialization and configuration time of SGX microservices deployed on Kubernetes. This work contributes to the state-of-the-art of research on using trusted execution environments in cloud computing.
publishDate 2019
dc.date.issued.fl_str_mv 2019-07-02
dc.date.accessioned.fl_str_mv 2021-08-20T20:56:36Z
dc.date.available.fl_str_mv 2021-08-20
2021-08-20T20:56:36Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/bachelorThesis
format bachelorThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
dc.identifier.citation.fl_str_mv SILVA, Matheus Sthefano Leite da. Squad : a secure, simple storage service for SGXbased microservices. 2019. 13f. (Trabalho de Conclusão de Curso - Artigo) – Curso de Bacharelado em Ciência da Computação, Centro de Engenharia Elétrica e Informática, Universidade Federal de Campina Grande, Paraíba, Brasil, 2019. Disponível em: http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
url http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
identifier_str_mv SILVA, Matheus Sthefano Leite da. Squad : a secure, simple storage service for SGXbased microservices. 2019. 13f. (Trabalho de Conclusão de Curso - Artigo) – Curso de Bacharelado em Ciência da Computação, Centro de Engenharia Elétrica e Informática, Universidade Federal de Campina Grande, Paraíba, Brasil, 2019. Disponível em: http://dspace.sti.ufcg.edu.br:8080/jspui/handle/riufcg/20757
dc.language.iso.fl_str_mv por
language por
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.publisher.none.fl_str_mv Universidade Federal de Campina Grande
dc.publisher.initials.fl_str_mv UFCG
dc.publisher.country.fl_str_mv Brasil
dc.publisher.department.fl_str_mv Centro de Engenharia Elétrica e Informática - CEEI
publisher.none.fl_str_mv Universidade Federal de Campina Grande
dc.source.none.fl_str_mv reponame:Biblioteca Digital de Teses e Dissertações da UFCG
instname:Universidade Federal de Campina Grande (UFCG)
instacron:UFCG
instname_str Universidade Federal de Campina Grande (UFCG)
instacron_str UFCG
institution UFCG
reponame_str Biblioteca Digital de Teses e Dissertações da UFCG
collection Biblioteca Digital de Teses e Dissertações da UFCG
bitstream.url.fl_str_mv http://dspace.sti.ufcg.edu.br:8080/xmlui/bitstream/riufcg/20757/2/license.txt
http://dspace.sti.ufcg.edu.br:8080/xmlui/bitstream/riufcg/20757/1/MATHEUS+STHEFANO+LEITE+DA+SILVA+-+TCC+CI%C3%8ANCIA+DA+COMPUTA%C3%87%C3%83O+2019.pdf
bitstream.checksum.fl_str_mv 8a4605be74aa9ea9d79846c1fba20a33
13959f2c6a39e563a4ab23ce6d893936
bitstream.checksumAlgorithm.fl_str_mv MD5
MD5
repository.name.fl_str_mv Biblioteca Digital de Teses e Dissertações da UFCG - Universidade Federal de Campina Grande (UFCG)
repository.mail.fl_str_mv bdtd@setor.ufcg.edu.br || bdtd@setor.ufcg.edu.br
_version_ 1803396755568459776

Registros relacionados