A novel approach to prevent cache based side-channel attack in the cloud (1)
•Download as PPTX, PDF•
0 likes•11 views
Summary of “A Novel Approach to Prevent Cache-Based Side-Channel Attack in the Cloud” Read more at https://mrg-goel.medium.com/summary-of-a-novel-approach-to-prevent-cache-based-side-channel-attack-in-the-cloud-2bd802e20155
Report
Share
Report
Share
Recommended
Java volatile
Double checked locking is used to lazily initialize a field to avoid the synchronization cost on every access. It ensures that after the first check the field is initialized, subsequent checks will see the initialized value without needing to synchronize again. CPU caches can cause problems like false sharing when multiple threads read and write nearby but independent variables in memory. Tools like Java Object Layout and memory barriers can help address issues with caches. Concurrency is difficult and even experts are still learning due to mysterious data races that can occur.
Efficient and Fast Time Series Storage - The missing link in dynamic software...
Efficient and Fast Time Series Storage - The missing link in dynamic software...Florian Lautenschlager
(1) Chronix is a time series database that aims to provide both fast queries and efficient storage of operational data through semantic compression, chunking of time series, and multi-dimensional storage of records and their attributes.
(2) Benchmarks on real-world operational data showed that Chronix outperforms related time series databases in write throughput, storage efficiency, and access times for typical analysis queries.
(3) While still a proof-of-concept, Chronix shows potential for fast and efficient operational time series storage and analysis needed for dynamic software monitoring and diagnostics.DAX: A Widely Distributed Multi-tenant Storage Service for DBMS Hosting
DAX is a distributed, multi-tenant storage service for hosting DBMS in the cloud. It replicates data across multiple data centers for disaster tolerance. DAX uses optimistic I/O and client-managed durability to reduce read and write latencies. It provides consistency guarantees appropriate for DBMS workloads, ensuring the latest data is visible and a single version survives failures.
Sharding: Past, Present and Future with Krutika Dhananjay
- Sharding is a client-side translator that splits files into equally sized chunks or shards to improve performance and utilization of storage resources. It sits above the distributed hash table (DHT) in Gluster.
- Sharding benefits virtual machine image storage by allowing data healing and replication at the shard level for better scalability. It also distributes load more evenly across bricks.
- For general purpose use, sharding aims to maximize parallelism during writes while maintaining consistency through atomic operations and locking frameworks. Key challenges include updating file metadata without locking and handling operations like truncates and appends correctly across shards.
SNIA SDC 2016 final
This document discusses distributed storage technologies and challenges. It covers persistent memory, distributed storage case studies like GlusterFS and Ceph, and challenges such as network latency. It also addresses how distributed storage systems scale performance and capacity through techniques like horizontal scaling across commodity nodes and maintaining a single namespace.
Decoupling Provenance Capture and Analysis from Execution
Presentation for the paper:
Manolis Stamatogiannakis, Paul Groth and Herbert Bos. Decoupling Provenance Capture and Analysis from Execution
Presented at Theory and Practice of Provenance 2015 (TaPP'15)
http://workshops.inf.ed.ac.uk/tapp2015/
Life as a GlusterFS Consultant with Ivan Rossi
This document describes the experiences of Ivan Rossi working as a Gluster consultant listed on gluster.org. It outlines the types of clients that contact him, including small businesses and those looking for help troubleshooting Gluster issues. It also shares some case studies, such as helping a company that had millions of unorganized files slowing down operations and advising businesses on using Gluster in private and public clouds. The document aims to convey what it is like to be a Gluster consultant and provide advice based on lessons learned from previous work.
IEEE Paper Presentation by Chandan Kumar
This document proposes using time-series forecasting techniques to predict server load in cloud data centers. This would allow for detecting overloaded hosts and migrating virtual machines (VMs) to balance load and reduce energy consumption. Key steps include using exponential smoothing to predict future loads, detecting overloaded hosts when loads exceed thresholds, selecting the least utilized VM to migrate, and choosing destination hosts with minimum increased energy. Simulation results show the proposed Smoothed Exponential Smoothing technique reduces energy consumption, number of overloaded nodes, VM migrations, and SLA violations compared to other algorithms.
Recommended
Java volatile
Double checked locking is used to lazily initialize a field to avoid the synchronization cost on every access. It ensures that after the first check the field is initialized, subsequent checks will see the initialized value without needing to synchronize again. CPU caches can cause problems like false sharing when multiple threads read and write nearby but independent variables in memory. Tools like Java Object Layout and memory barriers can help address issues with caches. Concurrency is difficult and even experts are still learning due to mysterious data races that can occur.
Efficient and Fast Time Series Storage - The missing link in dynamic software...
Efficient and Fast Time Series Storage - The missing link in dynamic software...Florian Lautenschlager
(1) Chronix is a time series database that aims to provide both fast queries and efficient storage of operational data through semantic compression, chunking of time series, and multi-dimensional storage of records and their attributes.
(2) Benchmarks on real-world operational data showed that Chronix outperforms related time series databases in write throughput, storage efficiency, and access times for typical analysis queries.
(3) While still a proof-of-concept, Chronix shows potential for fast and efficient operational time series storage and analysis needed for dynamic software monitoring and diagnostics.DAX: A Widely Distributed Multi-tenant Storage Service for DBMS Hosting
DAX is a distributed, multi-tenant storage service for hosting DBMS in the cloud. It replicates data across multiple data centers for disaster tolerance. DAX uses optimistic I/O and client-managed durability to reduce read and write latencies. It provides consistency guarantees appropriate for DBMS workloads, ensuring the latest data is visible and a single version survives failures.
Sharding: Past, Present and Future with Krutika Dhananjay
- Sharding is a client-side translator that splits files into equally sized chunks or shards to improve performance and utilization of storage resources. It sits above the distributed hash table (DHT) in Gluster.
- Sharding benefits virtual machine image storage by allowing data healing and replication at the shard level for better scalability. It also distributes load more evenly across bricks.
- For general purpose use, sharding aims to maximize parallelism during writes while maintaining consistency through atomic operations and locking frameworks. Key challenges include updating file metadata without locking and handling operations like truncates and appends correctly across shards.
SNIA SDC 2016 final
This document discusses distributed storage technologies and challenges. It covers persistent memory, distributed storage case studies like GlusterFS and Ceph, and challenges such as network latency. It also addresses how distributed storage systems scale performance and capacity through techniques like horizontal scaling across commodity nodes and maintaining a single namespace.
Decoupling Provenance Capture and Analysis from Execution
Presentation for the paper:
Manolis Stamatogiannakis, Paul Groth and Herbert Bos. Decoupling Provenance Capture and Analysis from Execution
Presented at Theory and Practice of Provenance 2015 (TaPP'15)
http://workshops.inf.ed.ac.uk/tapp2015/
Life as a GlusterFS Consultant with Ivan Rossi
This document describes the experiences of Ivan Rossi working as a Gluster consultant listed on gluster.org. It outlines the types of clients that contact him, including small businesses and those looking for help troubleshooting Gluster issues. It also shares some case studies, such as helping a company that had millions of unorganized files slowing down operations and advising businesses on using Gluster in private and public clouds. The document aims to convey what it is like to be a Gluster consultant and provide advice based on lessons learned from previous work.
IEEE Paper Presentation by Chandan Kumar
This document proposes using time-series forecasting techniques to predict server load in cloud data centers. This would allow for detecting overloaded hosts and migrating virtual machines (VMs) to balance load and reduce energy consumption. Key steps include using exponential smoothing to predict future loads, detecting overloaded hosts when loads exceed thresholds, selecting the least utilized VM to migrate, and choosing destination hosts with minimum increased energy. Simulation results show the proposed Smoothed Exponential Smoothing technique reduces energy consumption, number of overloaded nodes, VM migrations, and SLA violations compared to other algorithms.
Apache Solr as a compressed, scalable, and high performance time series database
Apache Solr as a compressed, scalable, and high performance time series databaseFlorian Lautenschlager
This document summarizes Florian Lautenschlager's presentation at FOSDEM 2015 about using Apache Solr as a scalable time series database. The presentation discusses how to efficiently store billions of time-correlated data objects using data compression techniques and metadata in Solr documents. This allows fast retrieval of data points within milliseconds while using only 37GB of disk space for 68 billion objects. The document also outlines Solr's query capabilities and how custom functions can perform server-side decompression and aggregation for efficient querying of time series data stored in Solr.Encrypted DNS research @ nic.at
The talk presents fomr of the nic.at R&D work in the fields of Encrypted DNS. The main topics are standardization efforts (and reasoning) about EDNS(0) padding, and a cost estimation of DNS over TLS.
This talk was giving in July 2017 at JSCA, an event of the .fr ccTLD operator AFNIC:
Tradeoffs in Automatic Provenance Capture
Presentation from IPAW 2016. Preprint http://dare.ubvu.vu.nl/handle/1871/54358
DOI: http://doi.org/10.1007/978-3-319-40593-3_3
DSD-INT 2017 The use of big data for dredging - De Boer
Presentation by Gerben de Boer (van Oord) at the Symposium Earth Observation and Data Science, during Delft Software Days - Edition 2017. Thursday, 2 November 2017, Delft.
The new time series kid on the block
Chronix is a time series database that can efficiently store billions of time series data points in a small amount of disk space and retrieve data within milliseconds. It works by splitting time series into fixed-size chunks, compressing the chunks, and storing the compressed chunks and associated metadata in Solr/Lucene records. Chronix provides common time series aggregations, transformations, and analyses through its API. The developers tuned Chronix's performance by evaluating different compression techniques and chunk sizes on real-world datasets. Chronix outperformed other time series databases in storage needs, query speed, and memory usage in their tests.
Data Management in Cloud Platforms
This document discusses data management in cloud platforms. It begins with an introduction to cloud computing, noting its benefits like reduced costs and ability to scale resources. It then covers cloud characteristics like elasticity and security risks. The document discusses data analysis challenges in clouds like fault tolerance and heterogeneous environments. It focuses on data replication techniques between master and slave nodes and different replication types. It also covers master-slave election processes to select a primary node and considers factors like priority, network partitions, and quick detection of a failed primary.
ResCUE rational behind FPGA
FPGAs are proposed as a solution to speed up DNA variation identification while lowering power consumption compared to GPUs. FPGAs can handle both the large amounts of genomic data involved in analysis as well as the sequential and parallel processes like Hidden Markov Models 6 times faster than GPUs. FPGAs are also more power efficient than GPUs for algorithms like k-Nearest Neighbors that are 8 times less power consuming on FPGAs. Based on these factors, FPGAs are concluded to be the best solution for algorithms like XHMM and CLAMMS used in genomics analysis.
Load Balancing In Cloud Computing newppt
The document discusses various load balancing algorithms for cloud computing including round robin, first come first serve (FCFS), and simulated annealing. It provides implementations of each algorithm in CloudSim and compares the results. Round robin and FCFS showed similar overall response times, data center processing times, and maximum/minimum values. Simulated annealing had slightly lower average overall response time. The document proposes using a genetic algorithm for host-side optimization to select the best host for virtual machine requests.
Replication and rebuild in cStor
cStor is a resilient storage engine built with proven building blocks of storage components. The storage block layer is derived from the user space ZFS inherited from the proven OpenSolaris stack. The volumes can be accessed via iSCSI Target which is derived from Linux to BSD port. Both of these core components of cStor have been field tested at thousands of installations for many years.
Cassandra To Infinity And Beyond
How Teads scale with Apache Cassandra.
Internet scale means tons of data, read heavy workload, massive data ingestion and low latency.
The French AdTech company Teads uses Cassandra massively, a reliable and performant Open Source database.
Spawning Cassandra nodes in AWS is a piece of cake with Terraform and Chef.
Introducing gluster filesystem by aditya
GlusterFS is an open-source clustered file system that aggregates disk resources from multiple servers into a single global namespace. It scales to several petabytes and thousands of clients. GlusterFS clusters storage over RDMA or TCP/IP, managing data through a unified namespace. Its stackable userspace design delivers high performance for diverse workloads.
OSDC 2013 | Neues in DRBD9 by Philipp Reisner
DRBD is a block based replication solution, known and available for years under Linux. DRBD allows the implementation of high available systems without SAN. Further use cases are the implementation of storage heads for IP based SANs and long-distance replications over the internet.
At present DRBD has a general limitation on two nodes. With DRBD 9 a new release (beta) is under way, allowing for the first time a replication up to 30 nodes.
With these features many application possibilities open up for cluster file systems, storage for virtual machines “cloud storage”, and much more.
Scaling Islandora
As service providers and primary code contributors in the Islandora Community, discoverygarden encounters customers who are ingesting, accessing, and storing high volumes of data. For example, a customer who had 150,000 objects in 2012 now has three million objects and expectations to grow to five million in the very short term. This is increasingly common.
As repositories grow in size they can encounter poor performance, particularly during large ingests and derivative generation. To accommodate growing repositories caching mechanisms, infrastructure changes, and code updates are necessary.
The presentation will explore customer case studies that demonstrate interim solutions and the extensive, ongoing research and development to find long-term solutions.
Provenance for Data Munging Environments
Data munging is a crucial task across domains ranging from drug discovery and policy studies to data science. Indeed, it has been reported that data munging accounts for 60% of the time spent in data analysis. Because data munging involves a wide variety of tasks using data from multiple sources, it often becomes difficult to understand how a cleaned dataset was actually produced (i.e. its provenance). In this talk, I discuss our recent work on tracking data provenance within desktop systems, which addresses problems of efficient and fine grained capture. I also describe our work on scalable provence tracking within a triple store/graph database that supports messy web data. Finally, I briefly touch on whether we will move from adhoc data munging approaches to more declarative knowledge representation languages such as Probabilistic Soft Logic.
Presented at Information Sciences Institute - August 13, 2015
A Fast and Efficient Time Series Storage Based on Apache Solr
OSDC 2016, Berlin: Talk by Florian Lautenschlager (@flolaut, Senior Software Engineer at QAware)
Abstract: How to store billions of time series points and access them within a few milliseconds? Chronix! Chronix is a young but mature open source project that allows one for example to store about 15 GB (csv) of time series in 238 MB with average query times of 21 ms. Chronix is built on top of Apache Solr a bulletproof distributed NoSQL database with impressive search capabilities. In this code-intense session we show how Chronix achieves its efficiency in both respects by means of an ideal chunking, by selecting the best compression technique, by enhancing the stored data with (pre-computed) attributes, and by specialized query functions.
Autopilot : Securing Cloud Native Storage
As enterprises adopt cloud native infrastructure to run their applications, data security and compliance is becoming a crucial area of interest. When you run your containers in a public cloud, you want to make sure that the data being accessed is secure and that there are no bread crumbs left behind once the container exits. A common mistake many people make is to host-mount a volume directly inside a container, which leaves the container's data behind (directly on the host.)
In this session, we focus on the best practices for ensuring the security and compliance of your applications’ persistent volumes. But ensuring security is an on-going exercise. Ideally you would deploy intelligent software that can constantly monitor and audit the application environment for security holes and breaches.
Autopilot is an automated application runtime management engine built for Kubernetes, and is an open source project sponsored by Portworx: https://github.com/libopenstorage/autopilot
Presented by Gunjan Patel, Gou Rao, and Aditya Dani, January 2019. More details here: https://www.meetup.com/openstack/events/258284618/
CHARM(A Cost-Efficient Multi-Cloud Data Hosting Scheme with High Availability)
The document proposes a multi-cloud data hosting scheme called CHARM that aims to store data across multiple clouds in a cost-efficient manner while maintaining high availability. CHARM uses both replication and erasure coding to redundantly store data blocks. It selects appropriate clouds and redundancy strategies to minimize monetary costs based on clouds' heterogeneous pricing policies and guarantee data availability. CHARM also rebalances data distribution in response to changes in data access patterns and cloud pricing.
IOT meetup presentation
Presentation for the St.Louis IOT meetup on building a modern data architecture tailored to handle IOT data. The focus of the presentation is the serving layer featuring Apache Cassandra.
Big Data Day LA 2015 - Always-on Ingestion for Data at Scale by Arvind Prabha...
While the last few years have seen great advancements in computing paradigms for big data stores, there remains one critical bottleneck in this architecture - the ingestion process. Instead of immediate insights into the data, a poor ingestion process can cause headaches and problems to no end. On the other hand, a well-designed ingestion infrastructure should give you real-time visibility into how your systems are functioning at any given time. This can significantly increase the overall effectiveness of your ad-campaigns, fraud-detection systems, preventive-maintenance systems, or other critical applications underpinning your business.
In this session we will explore various modes of ingest including pipelining, pub-sub, and micro-batching, and identify the use-cases where these can be applied. We will present this in the context of open source frameworks such as Apache Flume, Kafka, among others that can be used to build related solutions. We will also present when and how to use multiple modes and frameworks together to form hybrid solutions that can address non-trivial ingest requirements with little or no extra overhead. Through this discussion we will drill-down into details of configuration and sizing for these frameworks to ensure optimal operations and utilization for long-running deployments.
Deduplication in Open Spurce Cloud
Deduplication is a technique that eliminates redundant data by storing only a single copy of identical files or blocks to reduce storage needs. It can provide major savings, especially in backup environments where it saves more than 90% of storage space in common scenarios. There are two main deduplication strategies - file level deduplication stores a single copy of each file, while block level deduplication divides files into blocks and stores only unique blocks. Deduplication can occur at different locations like the client or server, and can be done in-line during data transfer or later in batches, with different throughput impacts. It is widely used in backup systems and disaster recovery due to its storage-saving nature.
Data Back-Up and Recovery Techniques for Cloud Server Using Seed Block Algorithm
In cloud computing, data generated in electronic form are large in amount. To maintain this data efficiently, there is a necessity of data recovery services. To cater this, we propose a smart remote data backup algorithm, Seed Block Algorithm. The objective of proposed algorithm is twofold; first it help the users to collect information from any remote location in the absence of network connectivity and second to recover the files in case of the file deletion or if the cloud gets destroyed due to any reason. The time related issues are also being solved by proposed seed block algorithm such that it will take minimum time for the recovery process. Proposed seed block algorithm also focuses on the security concept for the back-up files stored at remote server, without using any of the existing encryption techniques.
week_2Lec02_CS422.pptx
The document provides an overview of parallel computing concepts including:
1) Implicit parallelism in microprocessor architectures has led to techniques like pipelining and superscalar execution to better utilize increasing transistor budgets, though dependencies limit parallelism.
2) Memory latency and bandwidth bottlenecks have shifted performance limitations to the memory system, though caches can improve effective latency through higher hit rates.
3) Communication costs, including startup time, per-hop latency, and per-word transfer time, are a major overhead in parallel programs that use techniques like message passing, packet routing, and cut-through routing to reduce communication costs.
More Related Content
What's hot
Apache Solr as a compressed, scalable, and high performance time series database
Apache Solr as a compressed, scalable, and high performance time series databaseFlorian Lautenschlager
This document summarizes Florian Lautenschlager's presentation at FOSDEM 2015 about using Apache Solr as a scalable time series database. The presentation discusses how to efficiently store billions of time-correlated data objects using data compression techniques and metadata in Solr documents. This allows fast retrieval of data points within milliseconds while using only 37GB of disk space for 68 billion objects. The document also outlines Solr's query capabilities and how custom functions can perform server-side decompression and aggregation for efficient querying of time series data stored in Solr.Encrypted DNS research @ nic.at
The talk presents fomr of the nic.at R&D work in the fields of Encrypted DNS. The main topics are standardization efforts (and reasoning) about EDNS(0) padding, and a cost estimation of DNS over TLS.
This talk was giving in July 2017 at JSCA, an event of the .fr ccTLD operator AFNIC:
Tradeoffs in Automatic Provenance Capture
Presentation from IPAW 2016. Preprint http://dare.ubvu.vu.nl/handle/1871/54358
DOI: http://doi.org/10.1007/978-3-319-40593-3_3
DSD-INT 2017 The use of big data for dredging - De Boer
Presentation by Gerben de Boer (van Oord) at the Symposium Earth Observation and Data Science, during Delft Software Days - Edition 2017. Thursday, 2 November 2017, Delft.
The new time series kid on the block
Chronix is a time series database that can efficiently store billions of time series data points in a small amount of disk space and retrieve data within milliseconds. It works by splitting time series into fixed-size chunks, compressing the chunks, and storing the compressed chunks and associated metadata in Solr/Lucene records. Chronix provides common time series aggregations, transformations, and analyses through its API. The developers tuned Chronix's performance by evaluating different compression techniques and chunk sizes on real-world datasets. Chronix outperformed other time series databases in storage needs, query speed, and memory usage in their tests.
Data Management in Cloud Platforms
This document discusses data management in cloud platforms. It begins with an introduction to cloud computing, noting its benefits like reduced costs and ability to scale resources. It then covers cloud characteristics like elasticity and security risks. The document discusses data analysis challenges in clouds like fault tolerance and heterogeneous environments. It focuses on data replication techniques between master and slave nodes and different replication types. It also covers master-slave election processes to select a primary node and considers factors like priority, network partitions, and quick detection of a failed primary.
ResCUE rational behind FPGA
FPGAs are proposed as a solution to speed up DNA variation identification while lowering power consumption compared to GPUs. FPGAs can handle both the large amounts of genomic data involved in analysis as well as the sequential and parallel processes like Hidden Markov Models 6 times faster than GPUs. FPGAs are also more power efficient than GPUs for algorithms like k-Nearest Neighbors that are 8 times less power consuming on FPGAs. Based on these factors, FPGAs are concluded to be the best solution for algorithms like XHMM and CLAMMS used in genomics analysis.
Load Balancing In Cloud Computing newppt
The document discusses various load balancing algorithms for cloud computing including round robin, first come first serve (FCFS), and simulated annealing. It provides implementations of each algorithm in CloudSim and compares the results. Round robin and FCFS showed similar overall response times, data center processing times, and maximum/minimum values. Simulated annealing had slightly lower average overall response time. The document proposes using a genetic algorithm for host-side optimization to select the best host for virtual machine requests.
Replication and rebuild in cStor
cStor is a resilient storage engine built with proven building blocks of storage components. The storage block layer is derived from the user space ZFS inherited from the proven OpenSolaris stack. The volumes can be accessed via iSCSI Target which is derived from Linux to BSD port. Both of these core components of cStor have been field tested at thousands of installations for many years.
Cassandra To Infinity And Beyond
How Teads scale with Apache Cassandra.
Internet scale means tons of data, read heavy workload, massive data ingestion and low latency.
The French AdTech company Teads uses Cassandra massively, a reliable and performant Open Source database.
Spawning Cassandra nodes in AWS is a piece of cake with Terraform and Chef.
Introducing gluster filesystem by aditya
GlusterFS is an open-source clustered file system that aggregates disk resources from multiple servers into a single global namespace. It scales to several petabytes and thousands of clients. GlusterFS clusters storage over RDMA or TCP/IP, managing data through a unified namespace. Its stackable userspace design delivers high performance for diverse workloads.
OSDC 2013 | Neues in DRBD9 by Philipp Reisner
DRBD is a block based replication solution, known and available for years under Linux. DRBD allows the implementation of high available systems without SAN. Further use cases are the implementation of storage heads for IP based SANs and long-distance replications over the internet.
At present DRBD has a general limitation on two nodes. With DRBD 9 a new release (beta) is under way, allowing for the first time a replication up to 30 nodes.
With these features many application possibilities open up for cluster file systems, storage for virtual machines “cloud storage”, and much more.
Scaling Islandora
As service providers and primary code contributors in the Islandora Community, discoverygarden encounters customers who are ingesting, accessing, and storing high volumes of data. For example, a customer who had 150,000 objects in 2012 now has three million objects and expectations to grow to five million in the very short term. This is increasingly common.
As repositories grow in size they can encounter poor performance, particularly during large ingests and derivative generation. To accommodate growing repositories caching mechanisms, infrastructure changes, and code updates are necessary.
The presentation will explore customer case studies that demonstrate interim solutions and the extensive, ongoing research and development to find long-term solutions.
Provenance for Data Munging Environments
Data munging is a crucial task across domains ranging from drug discovery and policy studies to data science. Indeed, it has been reported that data munging accounts for 60% of the time spent in data analysis. Because data munging involves a wide variety of tasks using data from multiple sources, it often becomes difficult to understand how a cleaned dataset was actually produced (i.e. its provenance). In this talk, I discuss our recent work on tracking data provenance within desktop systems, which addresses problems of efficient and fine grained capture. I also describe our work on scalable provence tracking within a triple store/graph database that supports messy web data. Finally, I briefly touch on whether we will move from adhoc data munging approaches to more declarative knowledge representation languages such as Probabilistic Soft Logic.
Presented at Information Sciences Institute - August 13, 2015
A Fast and Efficient Time Series Storage Based on Apache Solr
OSDC 2016, Berlin: Talk by Florian Lautenschlager (@flolaut, Senior Software Engineer at QAware)
Abstract: How to store billions of time series points and access them within a few milliseconds? Chronix! Chronix is a young but mature open source project that allows one for example to store about 15 GB (csv) of time series in 238 MB with average query times of 21 ms. Chronix is built on top of Apache Solr a bulletproof distributed NoSQL database with impressive search capabilities. In this code-intense session we show how Chronix achieves its efficiency in both respects by means of an ideal chunking, by selecting the best compression technique, by enhancing the stored data with (pre-computed) attributes, and by specialized query functions.
What's hot (15)
Apache Solr as a compressed, scalable, and high performance time series database
Apache Solr as a compressed, scalable, and high performance time series database
DSD-INT 2017 The use of big data for dredging - De Boer
DSD-INT 2017 The use of big data for dredging - De Boer
A Fast and Efficient Time Series Storage Based on Apache Solr
A Fast and Efficient Time Series Storage Based on Apache Solr
Similar to A novel approach to prevent cache based side-channel attack in the cloud (1)
Autopilot : Securing Cloud Native Storage
As enterprises adopt cloud native infrastructure to run their applications, data security and compliance is becoming a crucial area of interest. When you run your containers in a public cloud, you want to make sure that the data being accessed is secure and that there are no bread crumbs left behind once the container exits. A common mistake many people make is to host-mount a volume directly inside a container, which leaves the container's data behind (directly on the host.)
In this session, we focus on the best practices for ensuring the security and compliance of your applications’ persistent volumes. But ensuring security is an on-going exercise. Ideally you would deploy intelligent software that can constantly monitor and audit the application environment for security holes and breaches.
Autopilot is an automated application runtime management engine built for Kubernetes, and is an open source project sponsored by Portworx: https://github.com/libopenstorage/autopilot
Presented by Gunjan Patel, Gou Rao, and Aditya Dani, January 2019. More details here: https://www.meetup.com/openstack/events/258284618/
CHARM(A Cost-Efficient Multi-Cloud Data Hosting Scheme with High Availability)
The document proposes a multi-cloud data hosting scheme called CHARM that aims to store data across multiple clouds in a cost-efficient manner while maintaining high availability. CHARM uses both replication and erasure coding to redundantly store data blocks. It selects appropriate clouds and redundancy strategies to minimize monetary costs based on clouds' heterogeneous pricing policies and guarantee data availability. CHARM also rebalances data distribution in response to changes in data access patterns and cloud pricing.
IOT meetup presentation
Presentation for the St.Louis IOT meetup on building a modern data architecture tailored to handle IOT data. The focus of the presentation is the serving layer featuring Apache Cassandra.
Big Data Day LA 2015 - Always-on Ingestion for Data at Scale by Arvind Prabha...
While the last few years have seen great advancements in computing paradigms for big data stores, there remains one critical bottleneck in this architecture - the ingestion process. Instead of immediate insights into the data, a poor ingestion process can cause headaches and problems to no end. On the other hand, a well-designed ingestion infrastructure should give you real-time visibility into how your systems are functioning at any given time. This can significantly increase the overall effectiveness of your ad-campaigns, fraud-detection systems, preventive-maintenance systems, or other critical applications underpinning your business.
In this session we will explore various modes of ingest including pipelining, pub-sub, and micro-batching, and identify the use-cases where these can be applied. We will present this in the context of open source frameworks such as Apache Flume, Kafka, among others that can be used to build related solutions. We will also present when and how to use multiple modes and frameworks together to form hybrid solutions that can address non-trivial ingest requirements with little or no extra overhead. Through this discussion we will drill-down into details of configuration and sizing for these frameworks to ensure optimal operations and utilization for long-running deployments.
Deduplication in Open Spurce Cloud
Deduplication is a technique that eliminates redundant data by storing only a single copy of identical files or blocks to reduce storage needs. It can provide major savings, especially in backup environments where it saves more than 90% of storage space in common scenarios. There are two main deduplication strategies - file level deduplication stores a single copy of each file, while block level deduplication divides files into blocks and stores only unique blocks. Deduplication can occur at different locations like the client or server, and can be done in-line during data transfer or later in batches, with different throughput impacts. It is widely used in backup systems and disaster recovery due to its storage-saving nature.
Data Back-Up and Recovery Techniques for Cloud Server Using Seed Block Algorithm
In cloud computing, data generated in electronic form are large in amount. To maintain this data efficiently, there is a necessity of data recovery services. To cater this, we propose a smart remote data backup algorithm, Seed Block Algorithm. The objective of proposed algorithm is twofold; first it help the users to collect information from any remote location in the absence of network connectivity and second to recover the files in case of the file deletion or if the cloud gets destroyed due to any reason. The time related issues are also being solved by proposed seed block algorithm such that it will take minimum time for the recovery process. Proposed seed block algorithm also focuses on the security concept for the back-up files stored at remote server, without using any of the existing encryption techniques.
week_2Lec02_CS422.pptx
The document provides an overview of parallel computing concepts including:
1) Implicit parallelism in microprocessor architectures has led to techniques like pipelining and superscalar execution to better utilize increasing transistor budgets, though dependencies limit parallelism.
2) Memory latency and bandwidth bottlenecks have shifted performance limitations to the memory system, though caches can improve effective latency through higher hit rates.
3) Communication costs, including startup time, per-hop latency, and per-word transfer time, are a major overhead in parallel programs that use techniques like message passing, packet routing, and cut-through routing to reduce communication costs.
Understanding application requirements
The document discusses cloud computing and how to properly size cloud resources for applications. It defines cloud computing as on-demand access to configurable computing resources over a network. Key aspects are ubiquitous access, rapid provisioning and release of resources with minimal management, and sharing resources in a configurable pool. Properly sizing resources involves understanding both the supply of offerings from cloud providers as well as the demand requirements of the specific application. Factors like CPU, storage, memory, and network needs must be assessed based on the application's usage patterns to ensure optimal performance.
Towards the extinction of mega data centres? To which extent should the Clou...
Keynote by Thierry Coupaye at the IEEE International Conference on Cloud Networking, Niagara Falls, Canada, October 2015.
Summary: Cloud computing emerged, a decade or so ago, from underused computing and storage ressources in Internet players mega data centres that were thought to be provided "as a service". As a result of this inception, Cloud is often considered as a synonym for massive data center, which somehow fuels a very centralised vision of (cloud) computing and storage provision. However, we might be at a time in which the pendulum begins to swing back. Indeed, several initiatives are emerging around a vision of more geographically distributed clouds where computing and storage resources are made available at the edge of the network, close to users, in complement or replacement of massive remote data centres. This presentation discusses, through some examples, the evolution of cloud architectures towards more distribution, the signs and stakes of these mutations.
Notes
This document discusses cloud computing concepts including origins, definitions, characteristics, deployment models, service models, virtualization benefits, and economic principles. Specifically:
- Cloud computing originated from telecommunications networks and focuses on abstracting internal components while defining overall architecture and interfaces.
- Key characteristics include on-demand access to pooled resources over the network, rapid elasticity, and metered usage-based billing.
- Virtualization provides abstraction between hardware and software for location-independent and flexible resource allocation.
- Economic principles demonstrate how cloud computing can reduce costs compared to traditional fixed infrastructure models through pay-per-use pricing and scaling to fluctuating demand.
Cloud Native Microservices - Building Blocks for Digital Innovation
This document discusses cloud-native microservices and their role in digital innovation. It notes that microservices allow for increased speed, availability, and the ability to quickly rollback changes through abstraction, decoupling, and isolation. This enables shorter lead times, reduced dependencies on people, and self-service capabilities. Cloud-native microservices can further reduce costs and increase portability by avoiding vendor lock-in. The document also outlines new practices like latency protection, automated canary analysis, and chaos testing that are needed to support cloud-native microservices at scale.
Harnessing the cloud for securely outsourcing large scale systems of linear e...
Harnessing the cloud for securely outsourcing large scale systems of linear e...JPINFOTECH JAYAPRAKASH
The document proposes a secure mechanism for outsourcing the solving of large-scale systems of linear equations to the cloud. It uses an iterative method rather than direct methods like Gaussian elimination, as iterative methods only require simpler matrix-vector operations. The mechanism enables a customer to securely outsource the iterative computation while keeping the input and output private. It also includes an efficient batch result verification mechanism that allows the customer to verify all answers from previous iterations in one batch, ensuring efficiency and robustness. Experiments show the method can provide computational savings for customers solving large-scale linear equations in the cloud.Cassandra in Operation
Some vignettes and advice based on prior experience with Cassandra clusters in live environments. Includes some material from other operational slides.
How Your DRAM Becomes a Security Problem
Since our attack methodology targets the DRAM, it is mostly independent of software flaws, operating system, virtualization technology and even CPU. The attack is based on the presence of a row buffer in all DRAM modules. While this buffer is of vital importance to the way DRAM works physically, they also provide an attack surface for a side channel attack.
Openstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaS
Openstack is an open source cloud operating system that provides infrastructure as a service capabilities. It includes components for compute (Nova), storage (Cinder, Swift, Manila), networking (Neutron), orchestration (Heat), metering (Ceilometer), and dashboard (Horizon). The document discusses these components in depth and how they provide infrastructure services. It also covers deployment options like Packstack, TripleO, and Ironic as well as other Openstack projects. The presentation introduces Openstack and its capabilities and components.
NetBackup CloudCatalyst – efficient, cost-effective deduplication to the cloud
NetBackup CloudCatalyst – efficient, cost-effective deduplication to the cloudVeritas Technologies LLC
Is your organization looking for a more efficient, cost-effective way to use public and private cloud storage as a backup target? Attend this session to find out how CloudCatalyst can help, by providing deduplication of backup data to object storage environments in both public and private clouds. You'll learn how you can use CloudCatalyst to achieve petabyte scale with minimal cache storage requirements, transfer data from a NetBackup Dedupe Media Server without going through a rehydration process, and much more. Don't miss this chance find out exactly how CloudCatalyst provides the most efficient and cost-effective backups from a data center, to the cloud, or in the cloud.Build cloud native solution using open source
Build cloud native solution using open source. I have tried to give a high level overview on How to build Cloud Native using CNCF graduated software's which are tested, proven and having many reference case studies and partner support for deployment
AppFabric Velocity
Dennis van der Stelt will give a presentation on using Velocity, Microsoft's distributed caching platform, for session state management and caching application data across web servers. The presentation will cover challenges for web server farms without caching, an overview of Velocity's architecture and features, different caching strategies in Velocity including partitioned and replicated caches, and best practices for developing a caching strategy and using Velocity.
OSCON 15 Building Opensource wtih Open Source
This document discusses how Midokura builds its virtualization software for networking using open source technologies. It explains that Midokura uses Zookeeper to provide consistency for tracking changes to the virtual network topology and state, and uses Cassandra for high write volumes to backup stateful connection tracking information like flow state and metrics. The document also describes how Midokura leverages distributed intelligence at the edge by pushing SDN intelligence to agents, and how it must optimize consistency, availability, and partition tolerance differently for different types of data.
Planning for Disaster Recovery (DR) with Galera Cluster
We talk a lot about Galera Cluster being great for High Availability, but what about Disaster Recovery (DR)? Database outages can occur when you lose a data centre due to data center power outages or natural disaster, so why not plan appropriately in advance?
In this webinar, we will discuss the business considerations including achieving the highest possible uptime, analysis business impact as well as risk, focus on disaster recovery itself, as well as discussing various scenarios, from having no offsite data to having synchronous replication to another data centre.
This webinar will cover MySQL with Galera Cluster, as well as branches MariaDB Galera Cluster as well as Percona XtraDB Cluster (PXC). We will focus on architecture solutions, DR scenarios and have you on your way to success at the end of it.
Similar to A novel approach to prevent cache based side-channel attack in the cloud (1) (20)
CHARM(A Cost-Efficient Multi-Cloud Data Hosting Scheme with High Availability)
CHARM(A Cost-Efficient Multi-Cloud Data Hosting Scheme with High Availability)
Big Data Day LA 2015 - Always-on Ingestion for Data at Scale by Arvind Prabha...
Big Data Day LA 2015 - Always-on Ingestion for Data at Scale by Arvind Prabha...
Data Back-Up and Recovery Techniques for Cloud Server Using Seed Block Algorithm
Data Back-Up and Recovery Techniques for Cloud Server Using Seed Block Algorithm
Towards the extinction of mega data centres? To which extent should the Clou...
Towards the extinction of mega data centres? To which extent should the Clou...
Cloud Native Microservices - Building Blocks for Digital Innovation
Cloud Native Microservices - Building Blocks for Digital Innovation
Harnessing the cloud for securely outsourcing large scale systems of linear e...
Harnessing the cloud for securely outsourcing large scale systems of linear e...
Openstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaS
Openstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaS
NetBackup CloudCatalyst – efficient, cost-effective deduplication to the cloud
NetBackup CloudCatalyst – efficient, cost-effective deduplication to the cloud
Planning for Disaster Recovery (DR) with Galera Cluster
Planning for Disaster Recovery (DR) with Galera Cluster
Recently uploaded
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
20240607 QFM018 Elixir Reading List May 2024
Everything I found interesting about the Elixir programming ecosystem in May 2024
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
“I’m still / I’m still / Chaining from the Block”
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Essentials of Automations: The Art of Triggers and Actions in FME
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
ここ3000字までしか入らないけどタイトルの方がたくさん文字入ると思います。
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Best 20 SEO Techniques To Improve Website Visibility In SERP
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
UiPath Test Automation using UiPath Test Suite series, part 6
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Video Streaming: Then, Now, and in the Future
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Presentation of the OECD Artificial Intelligence Review of Germany
Consult the full report at https://www.oecd.org/digital/oecd-artificial-intelligence-review-of-germany-609808d6-en.htm
Infrastructure Challenges in Scaling RAG with Custom AI models
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Removing Uninteresting Bytes in Software Fuzzing
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
How to Get CNIC Information System with Paksim Ga.pptx
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Recently uploaded (20)
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
A novel approach to prevent cache based side-channel attack in the cloud (1)
- 1. A Novel Approach to Prevent Cache-Based Side-Channel Attack in the Cloud Writtenby MuhammedSadiqueUK*, DivyaJamesin 2016
- 2. AGENDA 1. Cloud and side channels 2. Side channel attacks 3. Existing sol vs. proposed sol. 4. Decision algorithm 5. Conclusion
- 3. BACKGROUND ❏ THE CLOUD MODEL ❏ SIDE CHANNEL ❏ SIDE CHANNEL ATTACK ❏ CACHE BASED SIDE CHANNEL ATTACk
- 4. The Cloud Model ❏ Resources for more than one client ❏ Hidden details of infrastructure ❏ Always on ❏ Pay per use ❏ Servers accessed remotely ❏ Example : Amazon web services, Google cloud, Microsoft Azure
- 5. Side-Channel ❏ A mode of bypassing virtual machine for gaining information from the physical implementation rather than brute force or theoretical weaknesses in the algorithm
- 6. Side-Channel Attack ❏ A side channel attack is any attack based on information gained from the implementation of a computer system, rather than a weakness in the implemented algorithm itself. ❏ The things which can be exploited in side channel attack can be timing information, power consumption, electromagnetic leaks or even sound as all of these can provide an extra source of information.
- 7. How secure is your cache against side- channel attacks? ❏ caches are essential for the performance of modern computers ❏ Security-critical data can leak through very unexpected side channels, making side- channel attacks very dangerous threats
- 8. Cache-Based Side-Channel Attack ❏ Cache side channel attacks are basically attacks based on attackers ability to monitor cache accesses made by the victim in a shared physical system asi in virtualized environment or a type of cloud service ❏ AIM: Extract Information ❏ Source : leakage ❏ Procedure : convert leakage into information ❏ Types: sequential and parallel
- 9. Purpose of the paper ❏ cache-based side-channels in a cloud environment ❏ sequential type of side channel attack. ❏ There are several server-side defences inpace to handle cache-based side channels. ❏ Ex. cache flushing - Make cache useless ❏ prevent the side-channel’s occurrence - an algorithm designed to implement the technique. ❏ Minimalistic fashion to help minimize resulting overhead
- 10. Existing solution vs. suggested solution
- 11. Currentscenario ❏ Focusses on flushing the cache ❏ Reduces usefulness of the cache ❏ Increased cost due to flushing the cache Solution ❏ Focuses on disabling the difference in access time ❏ Includes two new functions in hypervisor: wait function, Algorithm ❏ Prevents time information parameter leakage in the cache of the cloud ❏ Usefulness of cache, decrease the cost and prevent the data loss
- 12. Cache-Wait ❏ If the time taken for the cache miss is greater than the cache hit, Cache-Wait operates. ❏ Cache-Wait will hold the cache execution process for the specific time. ❏ The specific time is determined from the difference in the accessing time required for fetching data from the main memory and the cache memory. That is, the difference in accessing time required between cache miss and cache hit. ❏ In general, a wait would only be necessary before the Probe step
- 13. Decision Algorithm Function contextSwitch(DomX,DomY) { // from DomX to DomY If Main_T > Cache_T waitCache(); return; } EndFunction
- 14. Statistical Analysis This analysis suggests that algorithm is efficient
- 16. Conclusion ❏ cloud’s architecture is particularly susceptible to cache-based side-channel attacks. ❏ interfering with the cloud model is necessary ( ❏ sequential side-channels are taken care by their solution ❏ Focus cache-based side-channels in the Cloud and does not interfere with the Cloud model ❏ The time information parameter leakage ❏ Efficient algorithm proposed
- 17. Our Opinion ❏ Great job in reducing cost when ❏ Future plan is to implement this approach in real- time environment and in the Docker ❏ Amount of flush function execution is much more when there are five or more virtual machines. ❏ Parallel cache-based side channel attacks or hardware based side channel attacks are still large area to focus in security terms.
Editor's Notes
- AIM: preventing the time information parameter leakage in the cache in the cloud without affecting the cache functionality