Cornell Systems Lunch
CS 7490 Fall 2018
The Systems Lunch is a seminar for discussing recent, interesting papers in the systems area, broadly defined to span operating systems, distributed systems, networking, architecture, databases, and programming languages. The goal is to foster technical discussions among the Cornell systems research community. We meet once a week on Fridays at noon in Gates 114.
The systems lunch is open to all Cornell Ph.D. students interested in systems. First-year graduate students are especially welcome. Non-Ph.D. students have to obtain permission from the instructor. Student participants are expected to sign up for CS 7490, Systems Research Seminar, for one credit.
Links to papers and abstracts below are unlikely to work outside the Cornell CS firewall. If you have trouble viewing them, this is the likely cause.
|August 24||TxFS: Leveraging File-System Crash Consistency to Provide ACID Transactions
Yige Hu, Zhiting Zhu, Ian Neal, Youngjin Kwon, and Tianyu Cheng, The University of Texas at Austin; Vijay Chidambaram, The University of Texas at Austin and VMware Research; Emmett Witchel, The University of Texas at Austin
USENIX ATC 2018
|August 31||OmniLedger: A secure, scale-out, decentralized ledger via sharding
Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ewa Syta, and Bryan Ford (EPFL and Trinity College)
IEEE Security and Privacy 2018
|September 7||Exploiting a Natural Network Effect for Scalable, Fine-grained Clock Synchronization
Yilong Geng, Shiyu Liu, and Zi Yin, Stanford University; Ashish Naik, Google Inc.; Balaji Prabhakar and Mendel Rosenblum, Stanford University; Amin Vahdat, Google Inc.
|September 21||Comprehensive Design of Low-Overhead Secure Memory
Distributed systems introduce a new set of security risks. When users compute on remote machines they become vulnerable to physical attacks. To protect against physical attacks, systems use secure memory, which provides confidentiality and integrity protection for data in memory. However, systems that run with secure memory, such as Intel SGX, suffer from significant delay, energy and space overheads. Our goal is to design an efficient approach to secure memory while maintaining the same security guarantees. To reduce delay overheads, we propose PoisonIvy, a safe speculation mechanism that hides the integrity verification latency while maintaining the security guarantees. To reduce energy overheads, we analyze the efficiency of a simple metadata cache and propose MCX, an improved cache design that increases the efficiency of the metadata cache by collaborating with the LLC. To improve the space overheads, we propose a dynamic allocation of secure memory metadata that makes the space overheads proportional to secure memory used. Our work effectively reduces all of these overheads making secure memory more accessible. Compared to a non-speculative secure memory design with a small metadata cache (i.e. Intel SGX), our work reduces delay overhead from 28% down to 8% and energy overhead from 55% down to 17% on average across three benchmark suites.
Tamara Silbergleit Lehman is a 6th year PhD candidate at Duke university advised by Andrew Hilton and Benjamin Lee. Her research interests lie on the intersection of computer architecture and security. She is also interested in memory systems, simulation methodologies and emerging technologies. Her thesis work focuses on reducing overheads of secure memory. Tamara has a Bachelor‘s degree from University of Florida in Industrial Engineering and a Masters degree in Computer Engineering from Duke University. Her latest publication on understanding metadata access patterns in secure memory at ISPASS 2018, MAPS, won the best paper award. Her earlier work on developing a safe speculation mechanism for secure memory, PoisonIvy, published in MICRO 2016 got an honorable mention in Micro Top Picks.
|Tamara Silbergleit (Duke)|
|September 28||Riffle: optimized shuffle service for large-scale data analytics
Haoyu Zhang, Brian Cho, Ergin Seyfe, Avery Ching, Michael J. Freedman (Princeton and Facebook)
|October 5||Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
Jo Van Bulck, imec-DistriNet, KU Leuven; Marina Minkin, Technion; Ofir Weisse, Daniel Genkin, and Baris Kasikci, University of Michigan; Frank Piessens, imec-DistriNet, KU Leuven; Mark Silberstein, Technion; Thomas F. Wenisch, University of Michigan; Yuval Yarom, University of Adelaide and Data61; Raoul Strackx, imec-DistriNet, KU Leuven
Usenix Security 2018
|October 12||WiscKey: Separating Keys from Values in SSD-Conscious Storage
Lanyue Lu, Thanumalayan Sankaranarayana Pillai, Andrea C. Arpaci-Dusseau, Remzi H. Arpaci-Dusseau (Univ. Wisconsin-Madison)
FAST 2016 / TOS 2017
|October 19||SDPaxos: Building Efficient Semi-Decentralized Geo-replicated State Machines
Hanyu Zhao, Quanlu Zhang, Zhi Yang, Ming Wu, Yafei Dai (MSR Asia, Peking U.
|October 26||Towards Inter-blockchain Communications
It has become clear that blockchains represent much more than a financial innovation. Several firms are now developing innovative public or private blockchain solutions for supply chains, IoT, and beyond. In our highly inter-connected world, it is inevitable that these blockchains will soon have to interact with each other. Similar to the Internet today, this will eventually result in formation of a network of blockchains where a transaction flows through a sequence of blockchains. In fact, some ad hoc industrial efforts have already begun in this direction; however, the scientific rigor is missing in these efforts, and privacy vulnerabilities and availability issues are pervasive. The first half of the talk, I will present our recent work on path-based transactions that forms the basis of some of privacy-enhanced inter-blockchain communication notions getting built in practice. In the second half, I will describe some key privacy and availability challenges that we will have to tackle in the next few years while building the Internet of blockchains.
|Aniket Kate (Purdue)|
|November 2||Pacer: Secure and Efficient Network Side Channel Mitigation in the Cloud
An important concern for many Cloud customers is data confidentiality. Of particular concern are potential data leaks via side channels, which arise when mutually untrusted parties contend on resources such as CPUs, caches, and networks. In this talk, I will describe our ongoing work on mitigating network side channels. Our solution, Pacer, is a secure, efficient, and practical traffic shaping system. It consists of three components: (i) A traffic shaping strategy that shapes a tenant‘s outgoing traffic in a way that reveals only public (non-secret) aspects of the tenant‘s workload, while completely hiding the tenant‘s secrets. (ii) A gray-box profiling technique that determines traffic shapes for the tenant‘s workloads with minimal assistance from the tenant application. (iii) A tunnel abstraction that encapsulates and enforces the tenant‘s traffic shapes. The tunnel endpoints bracket network links shared with the attacker. I will describe the three components of Pacer, and particularly highlight the challenges involved in implementing the tunnel in a secure, efficient and practical manner. Finally, I will describe preliminary experimental results, which indicate that Pacer‘s overheads are modest.
Bio: Aastha Mehta is a PhD student at Max Planck Institute for Software Systems (MPI-SWS), where she is advised by Peter Druschel and Deepak Garg. Her current research focuses on operating systems, networking and security. Her broader research interests are in solving security problems from a systems perspective. She was invited to attend the 4th Heidelberg Laureate Forum in 2015. More recently, she was selected for the Rising Stars Workshop 2018.
|Aasta Metha (MPI-SWS)|
|November 9||The FuzzyLog: A Partially Ordered Shared Log
Joshua Lockerman, Yale University; Jose M. Faleiro, UC Berkeley; Juno Kim, UC San Diego; Soham Sankaran, Cornell University; Daniel J. Abadi, University of Maryland, College Park; James Aspnes, Yale University; Siddhartha Sen, Microsoft Research; Mahesh Balakrishnan, Yale University / Facebook
|November 16||ACSU Luncheon, no meeting.|
|November 23||Thanksgiving Break, no meeting.|
|November 30||Pocket: Elastic Ephemeral Storage for Serverless Analytics
Ana Klimovic and Yawen Wang, Stanford University; Patrick Stuedi, Animesh Trivedi, and Jonas Pfefferle, IBM Research; Christos Kozyrakis, Stanford University