TU BRAUNSCHWEIG
| Carl Friedrich Gauß Faculty | Department of Computer Science
Informatikzentrum

TFaaS: Trusted Sandboxed Execution of Serverless Functions

TFaaS logo

News

Project Description

Serverless cloud computing promises to be an attractive offering to both cloud users and providers. Existing serverless frameworks, including AWS Lambda, Apache OpenWhisk and OpenFaaS, follow a function-as-a-service (FaaS) model in which users express the business logic of their cloud applications as a sequence of function invocations, written in popular languages such as Java, JavaScript, and Python. Partly due to the immaturity of existing FaaS platforms, security aspects, in particular related to isolation of functions and their integrity during execution, have large been unexplored by the research community. This introduces risks, both to cloud users and cloud providers, as open source FaaS platforms gain in adoption.

We propose to explore and enhance the security of today’s FaaS platforms both for cloud users and cloud providers using a two-pronged approach: (i) from the perspective of cloud users, we plan to investigate how trusted execution capabilities of modern CPUs, can be used to shield serverless functions from the rest of the cloud FaaS stack. The goal is to develop new practical approaches to guarantee the data confidentiality and integrity of function computation. A specific research challenge will be to support short-lived functions efficiently within a trusted execution environment (TEE) with substantially larger set-up times. In addition, we will provide protocols that enhance a TEE’s attestation mechanism to efficiently and securely provide guarantees for serveless functions; and (ii) from the perspective of cloud providers, we will explore more lightweight sandboxing mechanisms for serverless functions that go beyond containers and employ language-based isolation. We will enhance modern programming language runtimes such as Python and JavaScript with isolation abstractions and investigate WebAssembly as a new portable format for executable code that is claimed to nearly run as fast as native machine code. The designed abstractions will enable the scalable execution of serverless functions, while offering security guarantees that are at least as effective as those of containers.

We will make an open-source proof-of-concept implementation of the above research ideas available as part of an extension of the OpenFaaS platform. At the hardware level, we will base our implementation on Intel SGX but also investigate the use of related more lightweight but less powerful technologies such as Intel MKTME and AMD SEV. In addition, we will publicise our research results through paper submissions to top-tier systems and security conferences.

Publications

"Trust more, serverless" published at SYSTOR 2019

Download the paper!

Abstract: The increasingly popular and novel Function-as-a-Service (FaaS) clouds allow users the deployment of single functions. Compared to Infrastructure-as-a-Service or Platform-as-a-Service , this enables providers even more aggressive and rigorous resource sharing and liberates customers from tedious maintenance tasks. However, as a crucial factor of cloud adoption, FaaS clouds need to provide security and privacy guarantees in order to allow sensitive data processing. In this paper, we investigate securing FaaS clouds for sensitive data processing, while respecting their new features, capabilities and benefits in a technology-aware manner. We start with the proposal of a generic approach for a JavaScript-based secure FaaS platform, then get more specific and discuss the implementation of two distinct approaches based on (a) a lightweight and (b) a high performance JavaScript engine. Our prototype implementation shows promising performance while efficiently utilising resources, thereby keeping the penalties of the added security low.

Funded by Intel

Intel Logo

Project Partners

Project Members at IBR

PhotoProf. Dr. Rüdiger Kapitza
Abteilungsleiter
kapitza[[at]]ibr.cs.tu-bs.de
+49 531 3913294
Room 135
PhotoDavid Goltzsche
Wissenschaftlicher Mitarbeiter
goltzsche[[at]]ibr.cs.tu-bs.de
+49 531 3913249
Room 134
PhotoManuel Nieke
Wissenschaftlicher Mitarbeiter
nieke[[at]]ibr.cs.tu-bs.de
+49 531 3913155
Room 169
PhotoStefan Brenner
Wissenschaftlicher Mitarbeiter
brenner[[at]]ibr.cs.tu-bs.de
+49 531 3913285
Room 112

Theses

TitleTypeSupervisorStatus
Evaluation von WebAssembly InstruktionenBachelor ThesisDavid Goltzschefinished

If you are interested in writing a thesis regarding this project, please feel free to contact us.

Publication List


last changed 2019-06-05, 09:50 (dynamic content) by David Goltzsche
slidesprintemailtop