Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures

Harshavardhan Unnibhavi; David Cerdeira; Antonio Barbalace; Nuno Santos; Pramod Bhatotia

doi:10.1145/3514221.3517913

Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures

Harshavardhan Unnibhavi, David Cerdeira, Antonio Barbalace, Nuno Santos, Pramod Bhatotia

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Computation Storage Architectures (CSA) are increasingly adopted in the cloud for near data processing, where the underlying storage devices/servers are now equipped with heterogeneous cores which enable computation offloading near to the data. While CSA is a promising high-performance architecture for the cloud, in general data analytics also presents significant data security and policy compliance (e.g., GDPR) challenges in untrusted cloud environments. In this paper, we present IronSafe, a secure and policy-compliant query processing system for heterogeneous computational storage architectures, while preserving the performance advantages of CSA in untrusted cloud environments. To achieve these design properties in a computing environment with heterogeneous host (x86) and storage system (ARM), we design and implement the entire hardware and software system stack from the ground-up leveraging hardware-assisted Trusted Execution Environments (TEEs): namely, Intel SGX and ARM TrustZone. More specifically, IronSafe builds on three core contributions: (1) a heterogeneous confidential computing framework for shielded execution with x86 and ARM TEEs and associated secure storage system for the untrusted storage medium; (2) a policy compliance monitor to provide a unified service for attestation and policy compliance; and (3) a declarative policy language and associated interpreter for concisely specifying and efficiently evaluating a rich set of polices. Our evaluation using the TPC-H SQL benchmark queries and GDPR anti-pattern use-cases shows that IronSafe is faster, on average by 2.3x than a host-only secure system, while providing strong security and policy-compliance properties.

Original language	English
Title of host publication	Proceedings of the 2022 International Conference on Management of Data
Editors	Zachary Ives, Angela Bonifati, Amr El Abbadi, John Paparrizos, Rebecca Taft
Publisher	ACM Association for Computing Machinery
Pages	1462-1477
Number of pages	16
ISBN (Print)	978-1-4503-9249-5
DOIs	https://doi.org/10.1145/3514221.3517913
Publication status	Published - 11 Jun 2022
Event	ACM SIGMOD/PODS International Conference on Management of Data 2022 - Philadelphia, United States Duration: 12 Jun 2022 → 17 Jun 2022 https://2022.sigmod.org/index.shtml

Conference

Conference	ACM SIGMOD/PODS International Conference on Management of Data 2022
Abbreviated title	SIGMOD 2022
Country/Territory	United States
City	Philadelphia
Period	12/06/22 → 17/06/22
Internet address	https://2022.sigmod.org/index.shtml

Keywords / Materials (for Non-textual outputs)

Trusted execution
Heterogeneous confidential computing
Computational storage
Policy compliance

Access to Document

10.1145/3514221.3517913Licence: All Rights Reserved

Secure and Policy_UNNIBHAVI_DOA01042022_AFVAccepted author manuscript, 4.32 MBLicence: Creative Commons: Attribution (CC-BY)

https://dl.acm.org/doi/10.1145/3514221.3517913Licence: All Rights Reserved

Cite this

Unnibhavi, H., Cerdeira, D., Barbalace, A., Santos, N., & Bhatotia, P. (2022). Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures. In Z. Ives, A. Bonifati, A. El Abbadi, J. Paparrizos, & R. Taft (Eds.), Proceedings of the 2022 International Conference on Management of Data (pp. 1462-1477). ACM Association for Computing Machinery. https://doi.org/10.1145/3514221.3517913

Unnibhavi, Harshavardhan ; Cerdeira, David ; Barbalace, Antonio et al. / Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures. Proceedings of the 2022 International Conference on Management of Data. editor / Zachary Ives ; Angela Bonifati ; Amr El Abbadi ; John Paparrizos ; Rebecca Taft. ACM Association for Computing Machinery, 2022. pp. 1462-1477

@inproceedings{896b9ad2191346d2b89ead80fe5b5457,

title = "Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures",

abstract = "Computation Storage Architectures (CSA) are increasingly adopted in the cloud for near data processing, where the underlying storage devices/servers are now equipped with heterogeneous cores which enable computation offloading near to the data. While CSA is a promising high-performance architecture for the cloud, in general data analytics also presents significant data security and policy compliance (e.g., GDPR) challenges in untrusted cloud environments. In this paper, we present IronSafe, a secure and policy-compliant query processing system for heterogeneous computational storage architectures, while preserving the performance advantages of CSA in untrusted cloud environments. To achieve these design properties in a computing environment with heterogeneous host (x86) and storage system (ARM), we design and implement the entire hardware and software system stack from the ground-up leveraging hardware-assisted Trusted Execution Environments (TEEs): namely, Intel SGX and ARM TrustZone. More specifically, IronSafe builds on three core contributions: (1) a heterogeneous confidential computing framework for shielded execution with x86 and ARM TEEs and associated secure storage system for the untrusted storage medium; (2) a policy compliance monitor to provide a unified service for attestation and policy compliance; and (3) a declarative policy language and associated interpreter for concisely specifying and efficiently evaluating a rich set of polices. Our evaluation using the TPC-H SQL benchmark queries and GDPR anti-pattern use-cases shows that IronSafe is faster, on average by 2.3x than a host-only secure system, while providing strong security and policy-compliance properties.",

keywords = "Trusted execution, Heterogeneous confidential computing, Computational storage, Policy compliance",

author = "Harshavardhan Unnibhavi and David Cerdeira and Antonio Barbalace and Nuno Santos and Pramod Bhatotia",

note = "Funding Information: We present IronSafe, a design approach for building a secure, policy-compliant, and high-performance query processing infrastructure for untrusted clouds. To achieve these goals, our work underpins on three main contributions: (1) a heterogeneous confidential computing framework and associated secure storage; (2) a policy compliance monitor to provide a unified attestation and enforcement interface; and (3) a declarative policy compliance language to concisely express a rich set of polices. We have built the end-to-end query analytics infrastructure that exposes a declarative (SQL) query and associated execution policy interface. Our evaluation using the GDPR anti-patterns and TPC-H SQL benchmark queries shows reasonable overheads, while providing strong security and policy-compliance. Limitations. While we rely on a simple query partitioning strategy by adapting the MySQL partitioner with simple heuristics, a generic query partitioning framework for CSA is beyond the scope of this work and been actively investigated. As part of the future work, we plan to build on the advancements in databases [13, 60] to design a compiler that automatically partitions queries between the host and storage systems, while considering TEEs{\textquoteright} architectural limitations. Software artifact. We release IronSafe as an open-source project [44]. Acknowledgements. We thank our anonymous reviewers for their helpful comments. This work was supported in parts by a Huawei Research Grant, by Funda{\c c}{\~a}o para a Ci{\^e}ncia e Tecnologia (FCT) under project UIDB/50021/2020 and grant 2020.05270.BD, via project COSMOS (via the OE with ref. PTDC/EEI-COM/29271/2017), via the “Programa Operacional Regional de Lisboa na sua componente FEDER” with ref. Lisboa-01-0145-FEDER-029271 and an FCT grant with ref. SFRH/BD/146231/2019. Publisher Copyright: {\textcopyright} 2022 ACM.; ACM SIGMOD/PODS International Conference on Management of Data 2022, SIGMOD 2022 ; Conference date: 12-06-2022 Through 17-06-2022",

year = "2022",

month = jun,

day = "11",

doi = "10.1145/3514221.3517913",

language = "English",

isbn = "978-1-4503-9249-5",

pages = "1462--1477",

editor = "Zachary Ives and Angela Bonifati and {El Abbadi}, Amr and John Paparrizos and Rebecca Taft",

booktitle = "Proceedings of the 2022 International Conference on Management of Data",

publisher = "ACM Association for Computing Machinery",

url = "https://2022.sigmod.org/index.shtml",

}

Unnibhavi, H, Cerdeira, D, Barbalace, A, Santos, N & Bhatotia, P 2022, Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures. in Z Ives, A Bonifati, A El Abbadi, J Paparrizos & R Taft (eds), Proceedings of the 2022 International Conference on Management of Data. ACM Association for Computing Machinery, pp. 1462-1477, ACM SIGMOD/PODS International Conference on Management of Data 2022, Philadelphia, Pennsylvania, United States, 12/06/22. https://doi.org/10.1145/3514221.3517913

Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures. / Unnibhavi, Harshavardhan; Cerdeira, David; Barbalace, Antonio et al.
Proceedings of the 2022 International Conference on Management of Data. ed. / Zachary Ives; Angela Bonifati; Amr El Abbadi; John Paparrizos; Rebecca Taft. ACM Association for Computing Machinery, 2022. p. 1462-1477.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures

AU - Unnibhavi, Harshavardhan

AU - Cerdeira, David

AU - Barbalace, Antonio

AU - Santos, Nuno

AU - Bhatotia, Pramod

N1 - Funding Information: We present IronSafe, a design approach for building a secure, policy-compliant, and high-performance query processing infrastructure for untrusted clouds. To achieve these goals, our work underpins on three main contributions: (1) a heterogeneous confidential computing framework and associated secure storage; (2) a policy compliance monitor to provide a unified attestation and enforcement interface; and (3) a declarative policy compliance language to concisely express a rich set of polices. We have built the end-to-end query analytics infrastructure that exposes a declarative (SQL) query and associated execution policy interface. Our evaluation using the GDPR anti-patterns and TPC-H SQL benchmark queries shows reasonable overheads, while providing strong security and policy-compliance. Limitations. While we rely on a simple query partitioning strategy by adapting the MySQL partitioner with simple heuristics, a generic query partitioning framework for CSA is beyond the scope of this work and been actively investigated. As part of the future work, we plan to build on the advancements in databases [13, 60] to design a compiler that automatically partitions queries between the host and storage systems, while considering TEEs’ architectural limitations. Software artifact. We release IronSafe as an open-source project [44]. Acknowledgements. We thank our anonymous reviewers for their helpful comments. This work was supported in parts by a Huawei Research Grant, by Fundação para a Ciência e Tecnologia (FCT) under project UIDB/50021/2020 and grant 2020.05270.BD, via project COSMOS (via the OE with ref. PTDC/EEI-COM/29271/2017), via the “Programa Operacional Regional de Lisboa na sua componente FEDER” with ref. Lisboa-01-0145-FEDER-029271 and an FCT grant with ref. SFRH/BD/146231/2019. Publisher Copyright: © 2022 ACM.

PY - 2022/6/11

Y1 - 2022/6/11

N2 - Computation Storage Architectures (CSA) are increasingly adopted in the cloud for near data processing, where the underlying storage devices/servers are now equipped with heterogeneous cores which enable computation offloading near to the data. While CSA is a promising high-performance architecture for the cloud, in general data analytics also presents significant data security and policy compliance (e.g., GDPR) challenges in untrusted cloud environments. In this paper, we present IronSafe, a secure and policy-compliant query processing system for heterogeneous computational storage architectures, while preserving the performance advantages of CSA in untrusted cloud environments. To achieve these design properties in a computing environment with heterogeneous host (x86) and storage system (ARM), we design and implement the entire hardware and software system stack from the ground-up leveraging hardware-assisted Trusted Execution Environments (TEEs): namely, Intel SGX and ARM TrustZone. More specifically, IronSafe builds on three core contributions: (1) a heterogeneous confidential computing framework for shielded execution with x86 and ARM TEEs and associated secure storage system for the untrusted storage medium; (2) a policy compliance monitor to provide a unified service for attestation and policy compliance; and (3) a declarative policy language and associated interpreter for concisely specifying and efficiently evaluating a rich set of polices. Our evaluation using the TPC-H SQL benchmark queries and GDPR anti-pattern use-cases shows that IronSafe is faster, on average by 2.3x than a host-only secure system, while providing strong security and policy-compliance properties.

AB - Computation Storage Architectures (CSA) are increasingly adopted in the cloud for near data processing, where the underlying storage devices/servers are now equipped with heterogeneous cores which enable computation offloading near to the data. While CSA is a promising high-performance architecture for the cloud, in general data analytics also presents significant data security and policy compliance (e.g., GDPR) challenges in untrusted cloud environments. In this paper, we present IronSafe, a secure and policy-compliant query processing system for heterogeneous computational storage architectures, while preserving the performance advantages of CSA in untrusted cloud environments. To achieve these design properties in a computing environment with heterogeneous host (x86) and storage system (ARM), we design and implement the entire hardware and software system stack from the ground-up leveraging hardware-assisted Trusted Execution Environments (TEEs): namely, Intel SGX and ARM TrustZone. More specifically, IronSafe builds on three core contributions: (1) a heterogeneous confidential computing framework for shielded execution with x86 and ARM TEEs and associated secure storage system for the untrusted storage medium; (2) a policy compliance monitor to provide a unified service for attestation and policy compliance; and (3) a declarative policy language and associated interpreter for concisely specifying and efficiently evaluating a rich set of polices. Our evaluation using the TPC-H SQL benchmark queries and GDPR anti-pattern use-cases shows that IronSafe is faster, on average by 2.3x than a host-only secure system, while providing strong security and policy-compliance properties.

KW - Trusted execution

KW - Heterogeneous confidential computing

KW - Computational storage

KW - Policy compliance

U2 - 10.1145/3514221.3517913

DO - 10.1145/3514221.3517913

M3 - Conference contribution

SN - 978-1-4503-9249-5

SP - 1462

EP - 1477

BT - Proceedings of the 2022 International Conference on Management of Data

A2 - Ives, Zachary

A2 - Bonifati, Angela

A2 - El Abbadi, Amr

A2 - Paparrizos, John

A2 - Taft, Rebecca

PB - ACM Association for Computing Machinery

T2 - ACM SIGMOD/PODS International Conference on Management of Data 2022

Y2 - 12 June 2022 through 17 June 2022

ER -

Unnibhavi H, Cerdeira D, Barbalace A, Santos N, Bhatotia P. Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures. In Ives Z, Bonifati A, El Abbadi A, Paparrizos J, Taft R, editors, Proceedings of the 2022 International Conference on Management of Data. ACM Association for Computing Machinery. 2022. p. 1462-1477 doi: 10.1145/3514221.3517913

Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures

Abstract

Conference

Keywords / Materials (for Non-textual outputs)

Access to Document

Fingerprint

Cite this