log in  |  register  |  feedback?  |  help  |  web accessibility
Pacer: Network Side Channel Mitigation in the Cloud
Aastha Mehta - MPI
Friday, May 17, 2019, 11:00-11:59 am Calendar
  • You are subscribed to this talk through .
  • You are watching this talk through .
  • You are subscribed to this talk. (unsubscribe, watch)
  • You are watching this talk. (unwatch, subscribe)
  • You are not subscribed to this talk. (watch, subscribe)

An important concern for many Cloud customers is data confidentiality. A particular concern is data leak via side channels, which arise when mutually distrusting tenants contend on resources such as CPUs, caches, memory, and network in the Cloud. In this talk, I will present our system, Pacer, which mitigates side channels arising from shared network links. Pacer shapes the outbound traffic of a Cloud tenant to make it independent of the tenant's secrets. At the same time, Pacer allows variations in the traffic shape that reveal only public (non-secret) aspects of the tenants' workloads, thus enabling efficient sharing of network resources. Implementing Pacer requires modest changes to the Cloud hypervisor and guest OS, and minimal changes to the guest application. Our experimental results show that Pacer can protect the guests' secrets with modest overheads on bandwidth and throughput.

This talk is organized by Jonathan Katz