ABSTRACT
Over the last decade, the cloud computing landscape has transformed from a centralised architecture made of large data centres to a distributed and heterogeneous architecture embracing edge and IoT processing units. This shift has created the so-called cloud-edge continuum, which closes the gap between the large data centres and the end-user devices. Existing solutions are, however, dominated by proprietary silos and incompatible technologies, built around dedicated devices and run-time stacks. In this position paper, we motivate the need for interoperable solutions that would run seamlessly across hardware devices and software environments, while achieving good performance and a high level of security, a critical requirement for code and data processed off-premises. We argue that the technology provided by WebAssembly running on modern virtual machines and shielded within trusted execution environments, combined with a core set of services and support libraries, allows us to meet both goals. We also present preliminary results from a prototype built with these technologies and deployed on the cloud-edge continuum.