基于可信Linux容器的不可信雾基础设施的安全分布式计算

2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom) Pub Date : 2018-12-01 DOI:10.1109/cloudcom2018.2018.00053

Mohammad-Mahdi Bazm, M. Lacoste, Mario Südholt, Jean-Marc Menaud

{"title":"基于可信Linux容器的不可信雾基础设施的安全分布式计算","authors":"Mohammad-Mahdi Bazm, M. Lacoste, Mario Südholt, Jean-Marc Menaud","doi":"10.1109/cloudcom2018.2018.00053","DOIUrl":null,"url":null,"abstract":"Fog and Edge computing provide a large pool of resources at the edge of the network that may be used for distributed computing. Fog infrastructure heterogeneity also results in complex configuration of distributed applications on computing nodes. Linux containers are a mainstream technique allowing to run packaged applications and micro services. However, running applications on remote hosts owned by third parties is challenging because of untrusted operating systems and hardware maintained by third parties. To meet such challenges, we may leverage trusted execution mechanisms. In this work, we propose a model for distributed computing on Fog infrastructures using Linux containers secured by Intel's Software Guard Extensions (SGX) technology. We implement our model on a Docker and OpenSGX platform. The result is a secure and flexible approach for distributed computing on Fog infrastructures.","PeriodicalId":365939,"journal":{"name":"2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)","volume":"117 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Secure Distributed Computing on Untrusted Fog Infrastructures Using Trusted Linux Containers\",\"authors\":\"Mohammad-Mahdi Bazm, M. Lacoste, Mario Südholt, Jean-Marc Menaud\",\"doi\":\"10.1109/cloudcom2018.2018.00053\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Fog and Edge computing provide a large pool of resources at the edge of the network that may be used for distributed computing. Fog infrastructure heterogeneity also results in complex configuration of distributed applications on computing nodes. Linux containers are a mainstream technique allowing to run packaged applications and micro services. However, running applications on remote hosts owned by third parties is challenging because of untrusted operating systems and hardware maintained by third parties. To meet such challenges, we may leverage trusted execution mechanisms. In this work, we propose a model for distributed computing on Fog infrastructures using Linux containers secured by Intel's Software Guard Extensions (SGX) technology. We implement our model on a Docker and OpenSGX platform. The result is a secure and flexible approach for distributed computing on Fog infrastructures.\",\"PeriodicalId\":365939,\"journal\":{\"name\":\"2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)\",\"volume\":\"117 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/cloudcom2018.2018.00053\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/cloudcom2018.2018.00053","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

雾计算和边缘计算在网络边缘提供了可用于分布式计算的大量资源池。雾基础设施的异构性也导致了计算节点上分布式应用程序的复杂配置。Linux容器是一种主流技术，允许运行打包的应用程序和微服务。但是，在第三方拥有的远程主机上运行应用程序具有挑战性，因为第三方维护的操作系统和硬件不受信任。为了应对这些挑战，我们可以利用可信的执行机制。在这项工作中，我们提出了一种在Fog基础设施上使用Linux容器进行分布式计算的模型，该容器由英特尔的软件保护扩展(SGX)技术保护。我们在Docker和OpenSGX平台上实现我们的模型。结果为雾基础设施上的分布式计算提供了一种安全、灵活的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Secure Distributed Computing on Untrusted Fog Infrastructures Using Trusted Linux Containers

Fog and Edge computing provide a large pool of resources at the edge of the network that may be used for distributed computing. Fog infrastructure heterogeneity also results in complex configuration of distributed applications on computing nodes. Linux containers are a mainstream technique allowing to run packaged applications and micro services. However, running applications on remote hosts owned by third parties is challenging because of untrusted operating systems and hardware maintained by third parties. To meet such challenges, we may leverage trusted execution mechanisms. In this work, we propose a model for distributed computing on Fog infrastructures using Linux containers secured by Intel's Software Guard Extensions (SGX) technology. We implement our model on a Docker and OpenSGX platform. The result is a secure and flexible approach for distributed computing on Fog infrastructures.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)

自引率

0.00%

发文量