verifiable resource accounting for cloud computing services n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Verifiable Resource Accounting for Cloud Computing Services PowerPoint Presentation
Download Presentation
Verifiable Resource Accounting for Cloud Computing Services

Loading in 2 Seconds...

play fullscreen
1 / 22

Verifiable Resource Accounting for Cloud Computing Services - PowerPoint PPT Presentation


  • 147 Views
  • Uploaded on

Verifiable Resource Accounting for Cloud Computing Services. Vyas Sekar, Petros Maniatis ISTC for Secure Computing . State of cloud computing today .

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Verifiable Resource Accounting for Cloud Computing Services' - charo


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
verifiable resource accounting for cloud computing services

Verifiable Resource Accountingfor Cloud Computing Services

Vyas Sekar, Petros Maniatis

ISTC for Secure Computing

state of cloud computing today
State of cloud computing today ..

As it turns out, Microsoft's doesn't disclose revenues related to its cloud services. And on that matter, it's not alone. Neither do Amazon, Google, or IBM.

It's that dreaded time of the month again, the time of the month that we, the 400,000+ Amazon Web Service consumers await with great anticipation / horror. What I'm talking about is the Amazon Web Services Billing Statement sent at beginning of each month.

Need stronger, verifiable resource accounting!

divided opinions on better accounting
Divided opinions on “better accounting”

vs.

Non-problem

Technically “easy”

Market forces will solve this!

“Obviously” critical problem

But, we don’t know how!!

Little systematic research on this topic!

goal of this work
Goal of this work
  • Stimulate active discussion
  • Our own position: “obviously critical”
  • Sketch a technical framework for how
outline
Outline
  • Motivation
  • Problem definition
  • Did-I verifiability
  • Should-I verifiability
  • Discussion
  • Ongoing work
problem setup
Problem Setup

Verifier

T,R,W,A

Task (T)

Provider

Report (R)

Trusted Layer

Customer

Witness (W)

Attribution

Model (A)

e.g., SLA-like contract

what does verifiability mean
What does verifiability mean?

Task,Report,Witness,Attribution

(T,R,W,A)

Verifier

Customer

  • Did I use the resources billed?
  • T did physically consume X cycles, Y GB RAM, Z MB bandwidth
  • Is P double counting or overcharging?

2. Should I have used these resources?

e.g., Was it because of poor scheduling by P?

Did T consume more due to “contention” with T’ on same CPU?

outline1
Outline
  • Motivation
  • Problem definition
  • Did-I verifiability
  • Should-I verifiability
  • Discussion
  • Ongoing work
did i verifiability
Did-I Verifiability

Provider P

C1

R2

R1

T2

T1

C2

  • T1, T2 did physically consume X1, X2 cycles
  • i.e., P is not “double counting” or overcharging
a clean slate solution
A Clean-slate Solution

Task1

Task2

No spurious reports

Visibility into

low-level

Resource 1

Resource 2

“Trusted”

Hardware-root-of-trust

“Witness”

challenges with clean slate
Challenges with Clean Slate

Performance slowdown

Task1

Task2

Bandwidth overhead

Resource 1

Resource 2

Doesn’t exist yet!

practical approximations
Practical Approximations
  • Bandwidth overhead  Aggregation
  • Performance slowdown
    • Sampling or snapshots
  • Relaxing hardware dependence
    • Small instruction stream recorder (not online)
    • Shim layer for monitoring
outline2
Outline
  • Motivation
  • Problem definition
  • Did-I verifiability
  • Should-I verifiability
  • Discussion
  • Ongoing work
should i verifiability
Should-I Verifiability

Provider P

R’

R

T

Consumer

T

Ideal Provider P’

  • Is R very different from R’ in ideal case?
  • e.g., is P scheduling/allocating as it promised?
  • e.g., is R high because of contention?
clean slate should i
Clean-slate Should-I

Verifier

Customer

Provider

Log of

Requests,

interrupts

Requests

Decisions

Allocator

Allocator

Log of

Decisions

Decisions

Interrupts

e.g., this is the VMM or cluster scheduler implementing “weighted fair queuing”

“Witness”

challenges with clean slate1
Challenges with Clean-Slate

Leak proprietary logic

Verifier

Customer

Provider

Log of

Requests,

interrupts

Requests

Decisions

Allocator

Allocator

Log of

Decisions

Decisions

Interrupts

Log overhead

e.g., locate verifier

or agent close to P

balancing privacy vs accountability
Balancing privacy vs accountability

Verifier

Customer

Provider

Requests

Log of

Requests,

interrupts

Hidden

Private

Policy

Allocator

Template

Decisions

Allocator

Template

Log of

Decisions

Decisions

Interrupts

e.g., Is the provider running a “fair queueing” scheduler?

But “weights” are private policy

alternative quantitative should i
Alternative “Quantitative” Should-I

Leak proprietary logic

Verifier

Customer

Provider

Log of

Requests,

interrupts

Requests

Decisions

Allocator

Allocator

Allocator

Log of

Decisions

Decisions

Task

Interrupts

Report

Very different from SLA verification

Not promising lower bound on “resources”

Rather computing upper bound on “consumption”

outline3
Outline
  • Motivation
  • Problem definition
  • Did-I verifiability
  • Should-I verifiability
  • Discussion
  • Ongoing work
discussion
Discussion
  • Provider incentives
    • More adoption to avoid underutilization
    • Less conservative in accounting
    • Prevent customers from gaming the system
  • Why markets may not suffice?
    • Infrastructure  few players
    • Cost of migrating is non-trivial
  • Relaxing provider assistance
    • Resource prediction or collaborative inference
summary
Summary
  • Honeymoon phase for cloud is over Need stronger verifiable accounting
  • Benefits to consumers & providers
    • Side benefit: may encourage better practices
  • Sketch a framework, potential solutions
    • Did-Iand Should-Iverifiability
  • Working toward a practical realization