Verifiable Resource Accounting for Cloud Computing Services
Vyas Sekar, Petros Maniatis
ISTC for Secure Computing

Presentation transcript:

State of cloud computing today..

"It's that dreaded time of the month again, the time of the month that we, the 400,000+ Amazon Web Service consumers await with great anticipation / horror. What I'm talking about is the Amazon Web Services Billing Statement sent at beginning of each month."

"As it turns out, Microsoft doesn't disclose revenues related to its cloud services. And on that matter, it's not alone. Neither do Amazon, Google, or IBM."

Need stronger, verifiable resource accounting!

Divided opinions on “better accounting”
- Non-problem
  - Technically “easy”
  - Market forces will solve this!
vs.
- “Obviously” critical problem
  - But, we don’t know how!!
Little systematic research on this topic!

Goal of this work
- Stimulate active discussion
- Our own position: “obviously critical”
- Sketch a technical framework for how

Outline
- Motivation
- Problem definition
- Did-I verifiability
- Should-I verifiability
- Discussion
- Ongoing work

Problem Setup
[Diagram labels: Customer; Provider; Task (T); Attribution Model (A), e.g., SLA-like contract; Report (R); Witness (W); Trusted Layer; Verifier (T, R, W, A)]

What does verifiability mean?
[Diagram labels: Customer; Verifier; Task, Report, Witness, Attribution (T, R, W, A)]
1. Did I use the resources billed?
  - T did physically consume X cycles, Y GB RAM, Z MB bandwidth
  - Is P double counting or overcharging?
2. Should I have used these resources?
  - e.g., Was it because of poor scheduling by P? Did T consume more due to “contention” with T’ on same CPU?

Did-I Verifiability
[Diagram labels: Provider P, T1, T2, C1, C2, R1, R2]
- T1, T2 did physically consume X1, X2 cycles, i.e., P is not “double counting” or overcharging

A Clean-slate Solution
[Diagram labels: Task1, Task2, Resource 1, Resource 2, “Witness”, “Trusted”]

Epoch   Resource1       Resource2
1       T1=5, T2=0      T1=1, T2=2
2       T1=1, T2=10     T1=0, T2=10
….

- Hardware-root-of-trust
- Visibility into low-level
- No spurious reports
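A sketch of the Did-I check over the witness table on this slide, as an added example that is not code from the presentation or its authors. The HMAC key stands in for the hardware root of trust, and the names `seal`, `aggregate` and `verify_did_i` and the report format are assumptions made for illustration.

```python
import hashlib
import hmac
import json
from collections import defaultdict

# Constructed stand-in for the trusted layer's attestation key (assumption).
TRUSTED_LAYER_KEY = b"constructed-demo-key"

# Witness W: the per-epoch, per-resource usage table from the slide.
WITNESS = [
    {"epoch": 1, "usage": {"Resource1": {"T1": 5, "T2": 0},
                           "Resource2": {"T1": 1, "T2": 2}}},
    {"epoch": 2, "usage": {"Resource1": {"T1": 1, "T2": 10},
                           "Resource2": {"T1": 0, "T2": 10}}},
]

def seal(witness, key):
    """Trusted-layer side: MAC over a canonical encoding of the witness."""
    blob = json.dumps(witness, sort_keys=True).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def aggregate(witness, task):
    """Sum one task's witnessed consumption per resource over all epochs."""
    totals = defaultdict(int)
    for entry in witness:
        for resource, per_task in entry["usage"].items():
            totals[resource] += per_task.get(task, 0)
    return dict(totals)

def verify_did_i(task, report, witness, tag, key=TRUSTED_LAYER_KEY):
    """Return (ok, findings): is report R for `task` covered by witness W?"""
    # A witness that does not authenticate is a spurious report: reject it.
    if not hmac.compare_digest(seal(witness, key), tag):
        return False, ["witness failed authentication"]
    seen = aggregate(witness, task)
    findings = []
    for resource in sorted(set(report) | set(seen)):
        billed, used = report.get(resource, 0), seen.get(resource, 0)
        if billed > used:  # overcharging or double counting
            findings.append(f"{resource}: billed {billed}, witnessed {used}")
    return not findings, findings
```
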

Challenges with Clean Slate
[Diagram labels: Task1, Task2, Resource 1, Resource 2]

Epoch   Resource1       Resource2
1       T1=5, T2=0      T1=1, T2=2
2       T1=1, T2=10     T1=0, T2=10
….

- Doesn’t exist yet!
- Bandwidth overhead
- Performance slowdown

Practical Approximations
- Bandwidth overhead
  - Aggregation
- Performance slowdown
  - Sampling or snapshots
- Relaxing hardware dependence
  - Small instruction stream recorder (not online)
  - Shim layer for monitoring

Should-I Verifiability
[Diagram labels: Consumer, T, R, R’, Provider P, Ideal Provider P’]
- Is R very different from R’ in ideal case?
  - e.g., is P scheduling/allocating as it promised?
  - e.g., is R high because of contention?

Clean-slate Should-I
[Diagram labels: Provider; Customer; Allocator; Requests; Interrupts; Decisions; Log of Requests, interrupts; Log of Decisions; Verifier; “Witness”]
- e.g., this is the VMM or cluster scheduler implementing “weighted fair queuing”
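A sketch of the clean-slate Should-I check, as an added example that is not code from the presentation or its authors: the verifier replays a known allocator over the request log and flags epochs where the logged decisions diverge. The weighted max-min fair-share allocator, the log layout, the capacity and the weights are all constructed assumptions, and the verifier is assumed to know the weights.

```python
from fractions import Fraction

# Constructed logs for two tasks sharing one resource of capacity 12.
CAPACITY = 12
WEIGHTS = {"T": 1, "T_prime": 2}
REQUEST_LOG = {1: {"T": 3, "T_prime": 5},
               2: {"T": 10, "T_prime": 10},
               3: {"T": 10, "T_prime": 2}}
DECISION_LOG = {1: {"T": 3, "T_prime": 5},
                2: {"T": 2, "T_prime": 10},   # T got less than its share
                3: {"T": 10, "T_prime": 2}}

def weighted_fair_share(capacity, demands, weights):
    """Weighted max-min fair split of `capacity` among tasks (water-filling)."""
    alloc, active, left = {}, set(demands), Fraction(capacity)
    while active:
        unit = left / sum(weights[t] for t in active)
        capped = {t for t in active if demands[t] <= unit * weights[t]}
        if not capped:
            # Every remaining task is bottlenecked: split by weight.
            for t in active:
                alloc[t] = unit * weights[t]
            break
        for t in capped:
            # Fully satisfied tasks return their unused share to the pool.
            alloc[t] = Fraction(demands[t])
            left -= demands[t]
        active -= capped
    return alloc

def verify_should_i(capacity, weights, request_log, decision_log):
    """Replay the allocator; return epochs whose logged decisions differ."""
    suspect = []
    for epoch, demands in sorted(request_log.items()):
        expected = weighted_fair_share(capacity, demands, weights)
        if decision_log.get(epoch) != expected:
            suspect.append(epoch)
    return suspect
```
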

Challenges with Clean-Slate
[Diagram labels: Provider; Customer; Allocator; Requests; Interrupts; Decisions; Log of Requests, interrupts; Log of Decisions; Verifier]
- Leak proprietary logic
- Log overhead
  - e.g., locate verifier or agent close to P

Balancing privacy vs accountability
[Diagram labels: Provider; Customer; Allocator Template; Private Policy (Hidden); Requests; Interrupts; Decisions; Log of Requests, interrupts; Log of Decisions; Verifier]
- e.g., Is the provider running a “fair queueing” scheduler? But “weights” are private policy

Alternative “Quantitative” Should-I
[Diagram labels: Provider; Customer; Allocator; Requests; Interrupts; Decisions; Log of Requests, interrupts; Log of Decisions; Verifier; Task; Report]
- Leak proprietary logic
- Very different from SLA verification
  - Not promising lower bound on “resources”
  - Rather computing upper bound on “consumption”

Discussion
- Provider incentives
  - More adoption to avoid underutilization
  - Less conservative in accounting
  - Prevent customers from gaming the system
- Why markets may not suffice?
  - Infrastructure → few players
  - Cost of migrating is non-trivial
- Relaxing provider assistance
  - Resource prediction or collaborative inference

Summary
- Honeymoon phase for cloud is over
  - Need stronger verifiable accounting
- Benefits to consumers & providers
  - Side benefit: may encourage better practices
- Sketch a framework, potential solutions
  - Did-I and Should-I verifiability
- Working toward a practical realization