Abstract
Outsourced computation services should ideally only charge customers for the resources used by their applications. Unfortunately, no verifiable basis for service providers and customers to reconcile resource accounting exists today. This leads to undesirable outcomes for both providers and consumers-providers cannot prove to customers that they really devoted the resources charged, and customers cannot verify that their invoice maps to their actual usage. As a result, many practical and theoretical attacks exist, aimed at charging customers for resources that their applications did not consume. Moreover, providers cannot charge consumers precisely, which causes them to bear the cost of unaccounted resources or pass these costs inefficiently to their customers.
We introduce ALIBI, a first step toward a vision for verifiable resource accounting. ALIBI places a minimal, trusted reference monitor underneath the service provider's software platform. This monitor observes resource allocation to customers' guest virtual machines and reports those observations to customers, for verifiable reconciliation. In this paper, we show that ALIBI efficiently and verifiably tracks guests' memory use and CPU-cycle consumption.
- Cloud storage providers need sharper billing metrics. http://www.networkworld.com/news/2011/061711-cloud-storage-providers-need-sharper.html?page=2.Google Scholar
- dm-verity: device-mapper block integrity checking target. http://code.google.com/p/cryptsetup/wiki/DMVerity. Retrieved 2/2013.Google Scholar
- IT Cloud Services User Survey: Top Benefits and Challenges. http://blogs.idc.com/ie/?p=210.Google Scholar
- Service billing is hard. http://perspectives.mvdirona.com/2009/02/16/ServiceBillingIsHard.aspx.Google Scholar
- TPM Main Specification Level 2 Version 1.2, Revision 103 (Trusted Computing Group). http://www.trustedcomputinggroup.org/resources/tpm\_main\_specification/.Google Scholar
- VMWare vCenter Chargeback. http://www.vmware.com/products/vcenter-chargeback/overview.html.Google Scholar
- The Trusted Boot Project (tboot). http://tboot.sourceforge.net/, Sept. 2007.Google Scholar
- G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song. Provable Data Possession at Untrusted Stores. In ACM CCS, 2007. Google Scholar
Digital Library
- M. Ben-Yehuda, M. D. Day, Z. Dubitzky, M. Factor, N. Har'El, A. Gordon, A. Liguori, O. Wasserman, and B.-A. Yassour. The Turtles Project: Design and Implementation of Nested Virtualization. In OSDI, 2010. Google Scholar
Digital Library
- S. Chen, J. Xu, E. C. Sezer, P. Gauriar, and R. K. Iyer. Non-Control-Data Attacks are Realistic Threats. In USENIX Security, 2005. Google Scholar
Digital Library
- Y. Chen, A. Ganapathi, R. Griffith, and R. Katz. The Case for Evaluating MapReduce Performance Using Workload Suites. In Proc. MASCOTS, 2011. Google Scholar
Digital Library
- R. Cohen. Navigating the Fog - Billing, Metering and Measuring the Cloud. Cloud computing journal http://cloudcomputing.sys-con.com/node/858723.Google Scholar
- P. Colp, M. Nanavati, J. Zhu, W. Aiello, G. Coker, T. Deegan, P. Loscocco, and A. Warfield. Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor. In SOSP, 2011. Google Scholar
Digital Library
- J. Du, N. Sherawat, and W. Zwaenepoel. Performance Profiling in a Virtualized Environment. In Proc. HotCloud, 2010. Google Scholar
Digital Library
- U. Erlingsson, M. Abadi, M. Vrable, M. Budiu, and G. C. Necula. XFI: Software Guards for System Address Spaces. In OSDI, 2006. Google Scholar
Digital Library
- K. Fu, M. F. Kaashoek, and D. Mazières. Fast and Secure Distributed Read-only File System. ACM TOCS, 20(1), 2002. Google Scholar
Digital Library
- A. Gordon, N. Amit, N. Har'El, M. Ben-Yehuda, A. Landau, A. Schuster, and D. Tsafrir. ELI: Bare-Metal Performance for I/O Virtualization. In ASPLOS, 2012. Google Scholar
Digital Library
- A. Haeberlen, P. Aditya, R. Rodrigues, and P. Druschel. Accountable Virtual Machines. In OSDI, 2010. Google Scholar
Digital Library
- J. A. Halderman, S. D. Schoen, N. Heninger, W. Clarkson, W. Paul, J. A. Calandrino, A. J. Feldman, J. Appelbaum, and E. W. Felten. Lest We Remember: Cold Boot Attacks on Encryption Keys. In USENIX Security, 2008. Google Scholar
Digital Library
- O. S. Hofmann, A. M. Dunn, S. Kim, I. Roy, and E. Witchel. Ensuring Operating System Kernel Integrity with OSck. In ASPLOS, 2011. Google Scholar
Digital Library
- S. Huang, J. Huang, J. Dai, T. Xie, and B. Huang. The HiBench benchmark suite: Characterization of the MapReduce-based data analysis. In Proc. ICDE Workshops, 2010.Google Scholar
Cross Ref
- R. Iyer, R. Illikkal, L. Zhao, D. Newell, and J. Moses. Virtual Platform Architectures for Resource Metering in Datacenters. In SIGMETRICS, 2009. Google Scholar
Digital Library
- A. Juels and B. S. Kaliski. PORs: Proofs of retrievability for large files. In ACM CCS, 2007. Google Scholar
Digital Library
- B. Kauer. OSLO: Improving the Security of Trusted Computing. In USENIX Security, 2007. Google Scholar
Digital Library
- A. Kvalnes, D. Johansen, R. van Renesse, F. B. Schneider, and S. V. Valvag. Design Principles for Isolation Kernels. Technical Report 2011-70, Computer Science Department, University of Tromsø, 2011.Google Scholar
- A. Li, X. Yang, S. Kandula, and M. Zhang. CloudCmp: Comparing Public Cloud Providers. In IMC, 2010. Google Scholar
Digital Library
- M. Liu and X. Ding. On Trustworthiness of CPU Usage Metering and Accounting. In ICDCS-SPCC, 2010. Google Scholar
Digital Library
- M. McIntosh and P. Austel. XML signature Element Wrapping Attacks and Countermeasures. In ACM SWS, 2005. Google Scholar
Digital Library
- A. Mihoob, C. Molina-Jimenez, and S. Shrivastava. A Case for Consumer-centric Resource Accounting Models. In Proc. International Conference on Cloud Computing, 2010. Google Scholar
Digital Library
- J. C. Mogul. Operating systems should support business change. In HotOS, 2005. Google Scholar
Digital Library
- B. Parno. Bootstrapping Trust in a "Trusted" Platform. In HotSec, 2008. Google Scholar
Digital Library
- R. A. Popa, J. R. Lorch, D. Molnar, H. J. Wang, and L. Zhuang. Enabling Security in Cloud Storage SLAs with CloudProof. In Proc. USENIX ATC, 2011. Google Scholar
Digital Library
- G. Ren, E. Tune, T. Moseley, Y. Shi, S. Rus, and R. Hundt. Google-Wide Profiling: A Continuous Profiling Infrastructure for Data Centers. IEEE Micro, 2010. Google Scholar
Digital Library
- K. Ren, C. Wang, and Q. Wang. Security Challenges for the Public Cloud. IEEE Internet Computing, 16(1), 2012. Google Scholar
Digital Library
- T. Ristenpart, E. Tromer, H. Shacham, and S. Savage. Hey, You, Get off of my cloud: Exploring Information Leakage in Third-Party Compute Clouds. In ACM CCS, 2009. Google Scholar
Digital Library
- R. Russell. virtio: Towards a De-Facto Standard for Virtual I/O Devices. ACM SIGOPS OSR, 42(5), 2008. Google Scholar
Digital Library
- R. Sahita. Intel Virtualization Technology Extensions for High Performance Protection Domains. https://intel.activeevents.com/sf12/scheduler/catalog.do, Sept. 2012. Intel Developer Forum 2012, Session ID FUTS003.Google Scholar
- J. Schiffman, T. Moyer, T. Jaeger, and P. McDaniel. Network-Based Root of Trust for Installation. IEEE Security and Privacy, 9(1), 2011. Google Scholar
Digital Library
- V. Sekar and P. Maniatis. Verifiable Resource Accounting for Cloud Computing Services. In ACM CCSW, 2011. Google Scholar
Digital Library
- A. Seshadri, M. Luk, N. Qu, and A. Perrig. SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes. In SOSP, 2007. Google Scholar
Digital Library
- M. A. Shah, M. Baker, J. C. Mogul, and R. Swaminathan. Auditing to Keep Online Storage Services Honest. In HotOS, 2007. Google Scholar
Digital Library
- J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono. All Your Clouds are Belong to us -- Security Analysis of Cloud Management Interfaces. In ACM CCSW, 2011. Google Scholar
Digital Library
- J. Sugerman, G. Venkitachalam, and B.-H. Lim. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor. In USENIX ATC, 2001. Google Scholar
Digital Library
- V. Varadarajan, B. Farley, T. Ristenpart, and M. M. Swift. Resource-Freeing Attacks: Improve Your Cloud Performance (at Your Neighbor's Expense). In ACM CCS, 2012. Google Scholar
Digital Library
- A. Vasudevan, S. Chaki, L. Jia, J. McCune, J. Newsome, and A. Datta. Design, Implementation and Verification of an eXtensible and Modular Hypervisor Framework. In IEEE S&P, 2013.Google Scholar
- M. Wachs, L. Xu, A. Kanevsky, and G. R. Ganger. Exertion-based Billing for Cloud Storage Access. In HotCloud, 2011. Google Scholar
Digital Library
- A. Wolfe. Intel CTO Envisions On-Chip Data Centers. http://www.informationweek.com/news/global-cio/interviews/showArticle.jhtml?articleID=221900325, Nov. 2009.Google Scholar
- F. Zhang, J. Chen, H. Chen, and B. Zang. CloudVisor: Retrofitting Protection of Virtual Machines in Multi-tenant Cloud with Nested Virtualization. In SOSP, 2011. Google Scholar
Digital Library
- Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart. Cross-VM Side Channels and Their Use to Extract Private Keys. In ACM CCS, 2012. Google Scholar
Digital Library
- F. Zhou, M. Goel, P. Desnoyers, and R. Sundaram. Scheduler Vulnerabilities and Coordinated Attacks in Cloud Computing. In IEEE NCA, 2011. Google Scholar
Digital Library
Index Terms
Towards verifiable resource accounting for outsourced computation
Recommendations
Towards verifiable resource accounting for outsourced computation
VEE '13: Proceedings of the 9th ACM SIGPLAN/SIGOPS international conference on Virtual execution environmentsOutsourced computation services should ideally only charge customers for the resources used by their applications. Unfortunately, no verifiable basis for service providers and customers to reconcile resource accounting exists today. This leads to ...
Verifiable resource accounting for cloud computing services
CCSW '11: Proceedings of the 3rd ACM workshop on Cloud computing security workshopCloud computing offers users the potential to reduce operating and capital expenses by leveraging the amortization benefits offered by large, managed infrastructures. However, the black-box and dynamic nature of the cloud infrastructure makes it ...
Verifiable Computation on Outsourced Encrypted Data
Computer Security - ESORICS 2014AbstractOn one hand, homomorphic encryption allows a cloud server to perform computation on outsourced encrypted data but provides no verifiability that the computation is correct. On the other hand, homomorphic authenticator, such as homomorphic ...







Comments