This paper was converted on www.awesomepapers.org from LaTeX by an anonymous user.
Want to know more? Visit the Converter page.

The Trusted Edge

“From non-starter to contender: making Edge Computing more appealing for business through intellectual property protection in open ecosystems.”
Christian Meurisch Technical University of DarmstadtHochschulstraße 10D-64289 DarmstadtGermany [email protected]

Edge computing promises to reshape the centralized nature of today’s cloud-based applications by bringing computing resources, at least in part, closer to the user (Shi and Dustdar, 2016). Reasons include the increasing need for real-time (short-delay, reliably-connected) computing and resource-demanding artificial intelligence (AI) algorithms that overstrain mobile devices’ batteries or compute power but are too bandwidth-demanding to be offloaded to a distant cloud (Zhou et al., 2019). For instance, autonomous driving/flying, 3D urban modeling, and augmented/virtual reality (AR/VR) applications are newly emerging use cases that would greatly benefit or be first made possible by edge computing (Qiu et al., 2018; Wang et al., 2018).

Although the roots of edge computing go back to the late 1990s (with a conceptual foundation based on ‘cloudlets’ in 2009 (Satyanarayanan, 2017)) and large consortia/initiatives like OpenFog and MEC (mobile edge computing) arose lately to push standardization forward (Wang et al., 2017), edge computing is not yet largely integrated into business models (if any, only in small company-owned ecosystems). Besides the complexity of management, which receives a lot of attention in research (Roman et al., 2018), two other ‘showstoppers’ indicated in (Satyanarayanan, 2017) by Satyanarayanan block the breakthrough of edge computing: (1) a bootstrapping problem—without large-enough deployments of available edge resources, there is little incentive for companies to create such decentralized new applications, and vice versa; (2) the weaker security measures than ‘the cloud’—mainly related to tampering and spying (Roman et al., 2018).

As the past has shown (e.g., the rise of the Internet), the most promising way to tackle Issue 1 is to foster an open edge computing ecosystem, which would attract investments from multiple parties while minimizing the individual risks. On the downside, companies may need to run their business logic on (untrusted) third-party devices (e.g., in urban infrastructures (Mühlhäuser et al., 2020; Baumgärtner et al., 2017; Nguyen et al., 2017)), leading to aggravated security issues111https://www.kaspersky.com/blog/secure-futures-magazine/edge-computing-cybersecurity/31935/ (see Issue 2): the risk of leaking confidential data, such as protected AI algorithms/models representing the companies’ intellectual property (IP) (Ma et al., 2020), is incalculable from today’s perspective, making edge computing a non-starter for most business applications. A recent study found that two-thirds of IT teams saw edge computing as more of a threat than an opportunity; more than half (52%52\%) see the threats as rooted in security concerns222https://www.techrepublic.com/article/66-of-it-teams-view-edge-computing-as-a-threat-to-organizations/. To me, the serious problem of IP protection in particular is one of the major challenges, which is largely underestimated, even ignored, especially in edge computing research.

The Need for Trusted Edge Computing (TEC)

One promising research direction to alleviate this problem is based on trusted computing (Mitchell, 2005), whereby the code is attested by a (hardware-based) trusted platform module to detect unauthorized changes and ensure consistent behavior in expected ways. Remote attestation (RA) is one path to securely verify the integrity of the code on an untrusted device (prover) by an external/distinct party (verifier). RA can potentially be performed over an open multi-hop network with public-key encryption required for authenticity (Carpent et al., 2017). Since the initial content is usually loaded from unprotected memory of the device, code integrity alone is not sufficient to keep the companies’ protected business logic confidential. First approaches (e.g., (Brasser et al., 2018)) exploit the secure channel established for RA to subsequently load confidential parts of the companies’ applications directly into the protected memory of the device (Henson and Taylor, 2014), ensuring confidentiality.

Although those ‘traditional’ hardware-based attestation concepts may be a good starting point and became widely available for different processor architectures (e.g., Intel SGX333https://www.intel.com/content/www/us/en/architecture-and-technology/software-guard-extensions.html, ARM TrustZone444https://www.arm.com/why-arm/technologies/trustzone-for-cortex-a/tee-and-smc) or cloud environments (e.g. Microsoft Azure555https://azure.microsoft.com/overview/azure-ip-advantage, https://azure.microsoft.com/solutions/confidential-compute), they are not directly applicable to edge computing with its inherent decentralized nature, heterogeneous devices, and real-time demands (Abera et al., 2016). Close research cooperation between both communities, the ‘edge computing’ community and the ‘security & privacy’ (or more specifically the ‘trusted computing’) community is therefore indispensable. Let us coin this interdisciplinary cooperation as trusted edge computing (TEC) with a prioritized overarching goal of developing concepts and methods to protect the business logic of application providers (and thereby their IP) that are specially tailored for open edge computing ecosystems.

Open Challenges

Accordingly, TEC is confronted with several inherent challenges including hardware and connectivity heterogeneity, support for specific platform concepts and services, performance, and scalability.

Hardware Heterogeneity

In edge computing, heterogeneous environments consisting of devices with different hardware and communication specifications are quite common. Especially for resource-constrained devices with an often missing trust anchor due to cost and complexity, lightweight and thus more challenging RA techniques need to be applied and further developed: software-based RA—only providing security guarantees when strong but partly unrealistic assumptions about adversarial behavior are made—or hybrid-based RA—representing a hardware/software co-design that requires at least some hardware features (e.g., memory isolation, exclusive secret key access) (Carpent et al., 2017).

Connectivity Heterogeneity

Assuming a 3n-tier edge computing architecture666The newly emerging 3n-tier architecture extends the traditional “device-cloud” paradigm to a three-tier “device-edge-cloud” setting (vertical), where additionally n interconnected edge nodes participate in the middle tier (horizontal)., participating edge devices may only have a multi-hop connection to the verifier, which is not necessarily reliable. Since software-based RA is not viable in such network settings due to the variable round-trip delays and the resulting skewed time measurements (Abera et al., 2016), hybrid-based RA is minimally necessary to ensure confidentiality; i.e., resource-constrained edge devices should, therefore, have at least a minimum set of aforementioned hardware features. Whether hybrid- or hardware-based RA, in both cases appropriate defense mechanisms against possible physical adversaries, decentralized network and side-channel attacks must be incorporated, either by adapting existing approaches (e.g., (Oleksenko et al., 2018)) or by developing specially designed approaches for edge computing environments.

Support for Specific Platform Concepts and Services

TEC must also support specific platform concepts for edge computing and services. Services can be developed as a set of small individual functions, modules or even other services (Meurisch et al., 2019) that are instantiated (in ms) and executed on demand (Boucher et al., 2018). These raise several challenges for TEC including (1) the need for runtime attestation to dynamic (un-)load modules at runtime (Abera et al., 2016), and (2) minimizing the size of the trusted computing base e.g. inside an SGX enclave due to the limited protected memory between 64-128 MB (depending on the hardware and implementation) and the resulting expensive swapping. For instance, container-based virtualization therefore requires lightweight TEC mechanisms (Arnautov et al., 2016), e.g., only loading the confidential service parts of a container into the enclave.

Performance Issues

TEC mechanisms, in turn, will inevitably lead to different performance overheads: (i) computational overheads both during the initialization process and at runtime, especially on resource-restricted edge devices (Kaup et al., 2018); (ii) overhead caused by employing protection mechanisms against side-channel attacks (Brasser et al., 2018). Due to the strict responsiveness requirements of edge computing, it is critical to achieve acceptable overheads and improve the tradeoff between security and performance. For instance, the dynamic provisioning of services or modules requires fast setup times in the range of micro- to milliseconds (Boucher et al., 2018); this can be realized by, among others, various pre-initialization stages like preloading encrypted AI algorithms/models (Meurisch et al., 2020a) or partitioning neural networks computation across multiple enclaves (Elgamal and Nahrstedt, 2020). Another way to improve responsiveness is the use of hardware accelerators such as GPUs and FPGAs for resource-intensive services, e.g., relying on deep learning models. These hardware accelerators become more and more an essential capability in edge computing, but their trust model is typically crude in a multi-tenant environment. Supporting trusted execution environments on GPUs of edge devices is an open challenge that TEC must address. (Volos et al., 2018)

Scalability Issues

Current RA techniques are often limited to a single-prover/-verifier scenario, which would not scale well in decentralized edge computing setups with many devices (referred to as device swarms). In particular, open specific challenges lie in designing RA mechanisms that must (i) be efficiently scalable to handle multiple edge devices in a typical 3-tier (or emerging 3n-tier) architecture, possibly with the support of a centralized trusted resource management as an ‘anchor’, e.g., by using Microsoft Azure5, (ii) cope with the potentially dynamic topology due to user mobility, and (iii) be independent of the underlying integrity measurement mechanisms used by the heterogeneous devices (Abera et al., 2016). To advance such swarm attestation, first approaches (e.g., (Carpent et al., 2017)) rely on purpose-built hash functions and/or (recursive) measurement aggregations. Further considerations such as caching of the encrypted functions at the edge and their distribution ways must be included in RA techniques to specifically fit into existing edge computing provisioning and resource management methods.

Looking Ahead

In addressing these challenges, TEC would not only enable IP protection for the providers but also privacy-preserving processing of (sensitive) end-user data in the next breath (Meurisch et al., 2019, 2017). For instance, TEC solutions may complement or make emerging ‘bring your own data’ (BYOD) concepts, such as the Databox (Perera et al., 2017) and PDSProxy (Meurisch et al., 2020b) concepts, practically applicable at all: they can allow a user to personalize untrusted (third-party) devices and their respective applications in a confidential and ad-hoc manner – a comprehensive literature survey is provided by (Meurisch and Mühlhäuser, 2021).

TEC may break down the entry barrier for business

This article makes the case for urgently needed interdisciplinary research in the sub-discipline of trusted edge computing, which goes far beyond authenticity and integrity through attestation: it particularly needs to focus on (1) confidentiality to protect the IP of companies and (2) the decentralized nature of heterogeneous edge nodes to efficiently establish trust in those remote (third-party) devices. Otherwise, edge computing risks being a non-starter for business: current research priorities are heading towards a situation of sophisticated, scalable computing platform concepts, but probably companies hesitate to use them – despite the demand for new applications – due to the inadequate and neglected protection of intellectual property, especially in open infrastructures.

References

  • (1)
  • Abera et al. (2016) Tigist Abera, N Asokan, Lucas Davi, Farinaz Koushanfar, Andrew Paverd, Ahmad-Reza Sadeghi, and Gene Tsudik. 2016. Things, Trouble, Trust: On Building Trust in IoT Systems. In DAC’16. ACM, 121–126.
  • Arnautov et al. (2016) Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, et al. 2016. SCONE: Secure Linux Containers with Intel SGX. In USENIX OSDI’16. 689–703.
  • Baumgärtner et al. (2017) Lars Baumgärtner, Stefan Kohlbrecher, Juliane Euler, Tobias Ritter, Milan Stute, Christian Meurisch, Max Mühlhauser, Matthias Hollick, Oskar von Stryk, and Bernd Freisleben. 2017. Emergency communication in challenged environments via unmanned ground and aerial vehicles. In 2017 IEEE Global Humanitarian Technology Conference (GHTC). IEEE, 1–9.
  • Boucher et al. (2018) Sol Boucher, Anuj Kalia, et al. 2018. Putting the ”Micro” back in Microservice. In USENIX ATC’18. 645–650.
  • Brasser et al. (2018) Ferdinand Brasser, Tommaso Frassetto, Korbinian Riedhammer, Ahmad-Reza Sadeghi, Thomas Schneider, and Christian Weinert. 2018. VoiceGuard: Secure and Private Speech Processing. In INTERSPEECH’18. 1303–1307.
  • Carpent et al. (2017) Xavier Carpent, Karim El Defrawy, Norrathep Rattanavipanon, and Gene Tsudik. 2017. Lightweight Swarm Attestation: A Tale of Two LISA-s. In Asia CCS’17. ACM, 86–100.
  • Elgamal and Nahrstedt (2020) Tarek Elgamal and Klara Nahrstedt. 2020. Serdab: An IoT framework for partitioning neural networks computation across multiple enclaves. In 20th IEEE/ACM Intl. Symposium on Cluster, Cloud and Internet Computing. IEEE, 519–528.
  • Henson and Taylor (2014) Michael Henson and Stephen Taylor. 2014. Memory Encryption: A Survey of Existing Techniques. ACM Comput. Surv. 46, 4, Article 53 (2014), 53:1–53:26 pages.
  • Kaup et al. (2018) Fabian Kaup, Stefan Hacker, Eike Mentzendorff, Christian Meurisch, and David Hausheer. 2018. The Progress of the Energy-efficiency of Single-board Computers. Tech. Rep. NetSys-TR-2018-01 (2018).
  • Ma et al. (2020) Bin Ma, Ziying Ye, Xufang Zhang, Jiajing Chen, Yang Zhou, and Qing Xia. 2020. Security of Edge Computing Based on Trusted Computing. In 2020 6th International Symposium on System and Software Reliability (ISSSR). IEEE, 132–137.
  • Meurisch et al. (2020b) Christian Meurisch, Bekir Bayrak, Florian Giger, and Max Mühlhäuser. 2020b. PDSProxy: Trusted IoT Proxies for Confidential Ad-hoc Personalization of AI Services. In 2020 29th International Conference on Computer Communications and Networks (ICCCN). IEEE, 1–2.
  • Meurisch et al. (2019) Christian Meurisch, Bekir Bayrak, and Max Mühlhäuser. 2019. AssistantGraph: An Approach for Reusable and Composable Data-driven Assistant Components. In 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), Vol. 1. IEEE, 513–522.
  • Meurisch et al. (2020a) Christian Meurisch, Bekir Bayrak, and Max Mühlhäuser. 2020a. Privacy-Preserving AI Services Through Data Decentralization (WWW ’20). ACM, 190–200.
  • Meurisch et al. (2017) Christian Meurisch, Bennet Jeutter, Wladimir Schmidt, Nickolas Gündling, Benedikt Schmidt, Fabian Herrlich, and Max Mühlhäuser. 2017. An Extensible Pervasive Platform for Large-scale Anticipatory Mobile Computing. In 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC), Vol. 1. IEEE, 459–464.
  • Meurisch and Mühlhäuser (2021) Christian Meurisch and Max Mühlhäuser. 2021. Data Protection in AI Services: A Survey. ACM Comput. Surv. 54, 2, Article 40 (March 2021), 38 pages.
  • Mitchell (2005) Chris Mitchell. 2005. Trusted Computing. Vol. 6. Iet.
  • Mühlhäuser et al. (2020) Max Mühlhäuser, Christian Meurisch, Michael Stein, Jörg Daubert, Julius Von Willich, Jan Riemann, and Lin Wang. 2020. Street Lamps as a Platform. Commun. ACM 63, 6 (May 2020), 75–83.
  • Nguyen et al. (2017) The An Binh Nguyen, Christian Meurisch, Stefan Niemczyk, Doreen Böhnstedt, Kurt Geihs, Max Mühlhäuser, and Ralf Steinmetz. 2017. Adaptive task-oriented message template for in-network processing. In 2017 International Conference on Networked Systems (NetSys). IEEE, 1–8.
  • Oleksenko et al. (2018) Oleksii Oleksenko, Bohdan Trach, Robert Krahn, Mark Silberstein, and Christof Fetzer. 2018. Varys: Protecting SGX Enclaves from Practical Side-Channel Attacks. In USENIX ATC’18. 227–240.
  • Perera et al. (2017) Charith Perera, Susan Wakenshaw, Tim Baarslag, Hamed Haddadi, Arosha Bandara, et al. 2017. Valorising the Iot Databox: Creating Value for Everyone. Transactions on Emerging Telecommunications Technologies 28, 1 (2017), 1–17.
  • Qiu et al. (2018) Hang Qiu, Fawad Ahmad, Fan Bai, et al. 2018. AVR: Augmented Vehicular Reality. In MobiSys’18. ACM, 81–95.
  • Roman et al. (2018) Rodrigo Roman, Javier Lopez, and Masahiro Mambo. 2018. Mobile Edge Computing, Fog Et Al.: A Survey and Analysis of Security Threats and Challenges. Future Generation Computer Systems 78 (2018), 680–698.
  • Satyanarayanan (2017) Mahadev Satyanarayanan. 2017. The Emergence of Edge Computing. Computer 50, 1 (2017), 30–39.
  • Shi and Dustdar (2016) Weisong Shi and Schahram Dustdar. 2016. The Promise of Edge Computing. Computer 49, 5 (2016), 78–81.
  • Volos et al. (2018) Stavros Volos, Kapil Vaswani, and Rodrigo Bruno. 2018. Graviton: Trusted execution environments on gpus. In 13th {\{USENIX}\} Symposium on Operating Systems Design and Implementation ({\{OSDI}\} 18). 681–696.
  • Wang et al. (2018) Lin Wang, Lei Jiao, Ting He, Jun Li, and Max Mühlhäuser. 2018. Service Entity Placement for Social Virtual Reality Applications in Edge Computing. In IEEE INFOCOM’18. IEEE, 468–476.
  • Wang et al. (2017) Shuo Wang, Xing Zhang, Yan Zhang, Lin Wang, Juwo Yang, and Wenbo Wang. 2017. A Survey on Mobile Edge Networks: Convergence of Computing, Caching and Communications. IEEE Access 5 (2017), 6757–6779.
  • Zhou et al. (2019) Zhi Zhou, Xu Chen, En Li, Liekang Zeng, Ke Luo, and Junshan Zhang. 2019. Edge Intelligence: Paving the Last Mile of Artificial Intelligence with Edge Computing. Proc. IEEE 107, 8 (2019), 1738–1762.