TME-CPS - Trusted Management Environment for Cloud PaaS
TME-CPS is a runtime library that implements a set of management protocols and facilities for system-administration, management and auditing operations protected by Intel SGX-enabled CPUs, on computing instances that run in a cloud (as Trusted-Enabled Managed Minions) and compose a PaaS environment.
The system prototype was tested as a solution installed and running on OVH-Cloud dedicated instances with Intel SGX-enabled CPUs (https://us.ovhcloud.com/), with a specific deployment of SGX-enabled Dedicated Servers, with instances in typical reference configurations as follows:
- Intel E5 1650 v4 6C/12T - 3.6GHz, 64 GB Memory, SoftRaid 2x4TB, 3Gbps
- Intel E5 2687W v4 12C/24T - 3GHz, 128 GB Memory, SoftRAID 2x4TB 3GBps
- Intel 2x E5-2687W v4 24C/48T - 3GHz, 256GB, SoftRAID 2x4TB, 3Gbps
The supported protocols allow: (1) trusted operations for remotely attested installations; (2) trusted monitoring of trusted software states on instances certified and ready to receive customers' workloads; (3) remote trusted auditing operations on instances certified and ready to receive customers' workloads; (4) trusted, transparent migration of stateless micro-services from nodes that are about to undergo maintenance to attested nodes ready to receive clients' workloads.
The prototype was developed and deployed on Dedicated Computing Instances of the OVH cloud computing provider, and is ready to run on Dedicated Servers in the Rise range of bare-metal servers offered by OVH (https://www.ovh.com/world/dedicated-servers/): Intel (SGX-enabled) Xeon E3-1270v6 - 4 c / 8 t - 3.8 GHz / 4.2 GHz, Rise 1 to Rise 4 instances.
The prototype was developed and experimentally evaluated as part of an MSc dissertation at FCT/UNL - Nova Lincs Research Center, by António Ribeiro (MSc Student) and Prof. Henrique Domingos (FCT/UNL, Nova Lincs Research Center).
The prototype implementation (with references for installation and use) is available at:
https://github.com/AntonioRib/TME-CPS (more recent version)