Aastha Mehta - University of British Columbia
April 8, 2022, 2:30 p.m. - April 8, 2022, 3:30 p.m.
Virtual (see link below)
Hosted by: Oana Balmau
Abstract: An important requirement for many Cloud customers is the confidentiality of their Cloud-hosted data and computation. Of particular concern are potential data leaks via side channels, which arise when mutually untrusting parties contend on resources such as CPUs, caches, and networks. In our recent work, we have been exploring principled and practical solutions for preventing network side-channel leaks in Infrastructure-as-a-Service (IaaS) Clouds. We have developed Pacer, which is the first system that eliminates network side-channel leaks in public IaaS Clouds end-to-end. Pacer builds on the principled technique of shaping guest traffic to make the traffic shape independent of secrets by design. Additionally, Pacer addresses several important challenges in designing a secure shaping system, which has not been considered in prior work. Pacer prevents host-internal side channels from affecting reshaped traffic, and it respects network flow control, congestion control, and loss recovery signals. Pacer is implemented as a paravirtualization extension to the host hypervisor, requiring modest changes to the hypervisor and the guest kernel, and only optional, minimal changes to the applications.
In this talk, I will describe the problem of network side-channel leaks, Pacer’s key abstraction of a cloaked tunnel, its design and implementation for Cloud tenants, and an empirical evaluation that shows that Pacer imposes only modest overheads on bandwidth, client latency, and server throughput.
Bio: Aastha Mehta is an Assistant Professor in the Computer Science Department at the University of British Columbia, Vancouver. She received her PhD summa cum laude from Max Planck Institute for Software Systems (MPI-SWS) and Saarland University, Germany in 2020. In the past, she has worked as a research intern at Microsoft Research Cambridge, UK, and as a software developer at NetApp Bangalore, India. Aastha’s interests are in building practical systems for ensuring data privacy and integrity in online services and IoT applications. Aastha received an NSERC Discovery Grant with a DND Supplement in 2021.
Zoom link: https://mcgill.zoom.us/j/84280715850
Virtual reception after the talk in Gather: https://gather.town/app/tYHHMh7tPcPw9037/reception