Abstract: Cloud computing provides enormous power to end users to obtain on-demand computing services, offering higher flexibility and control. Cloud computing, however, poses a fundamental question: Can we trust the results? How can we be sure that the computation has been done correctly? In this talk we provide an overview of approaches to providing correctness guarantees through replicated computation, and show how smart contracts can be used to design systems with provable correctness that are viable in practice.
Abstract: Network function virtualisation enables versatile network functions as cloud services. Specifically, network measurement tasks such as heavy-hitter detection and flow distribution estimation serve many core network functions for improved performance and security of enterprise networks. However, deploying network measurement services in third-party cloud providers raises critical privacy and security concerns. In this talk, I will present the design of our recent work named OblivSketch, a secure network measurement service built from Intel SGX. We harness the insights from confidential computing, large-scale network flow analysis, and data-oblivious primitives to build a secure and practical network measurement service that can even mitigate side-channels against SGX. We integrate OblivSketch into the framework of SDN and demonstrate its performance via CAIDA datasets with millions of flows.