论文信息 - SGX-PySpark: Secure Distributed Data Analytics

SGX-PySpark: Secure Distributed Data Analytics

Data analytics is central to modern online services, particularly those data-driven. Often this entails the processing of large-scale datasets which may contain private, personal and sensitive information relating to individuals and organisations. Particular challenges arise where cloud is used to store and process the sensitive data. In such settings, security and privacy concerns become paramount, as the cloud provider is trusted to guarantee the security of the services they offer, including data confidentiality. Therefore, the issue this work tackles is “How to securely perform data analytics in a public cloud?” To assist this question, we design and implement SGX-PySpark- a secure distributed data analytics system which relies on a trusted execution environment (TEE) such as Intel SGX to provide strong security guarantees. To build SGX-PySpark, we integrate PySpark - a widely used framework for data analytics in industry to support a wide range of queries, with SCONE - a shielded execution framework using Intel SGX.

[1] Christof Fetzer,et al. Varys: Protecting SGX Enclaves from Practical Side-Channel Attacks , 2018, USENIX ATC.

[2] David M. Eyers,et al. SCONE: Secure Linux Containers with Intel SGX , 2016, OSDI.

[3] Srinivas Devadas,et al. Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..

[4] Christof Fetzer,et al. ShieldBox: Secure Middleboxes using Shielded Execution , 2018, SOSR.

[5] Christos Gkantsidis,et al. VC3: Trustworthy Data Analytics in the Cloud Using SGX , 2015, 2015 IEEE Symposium on Security and Privacy.

[6] Michael J. Franklin,et al. Resilient Distributed Datasets: A Fault-Tolerant Abstraction for In-Memory Cluster Computing , 2012, NSDI.

[7] Patrick Wendell,et al. Learning Spark: Lightning-Fast Big Data Analytics , 2015 .

[8] Ion Stoica,et al. Opaque: An Oblivious and Encrypted Distributed Analytics Platform , 2017, NSDI.

[9] Joseph K. Bradley,et al. Spark SQL: Relational Data Processing in Spark , 2015, SIGMOD Conference.