Member: Pierre-Louis Aublin
Category: Innovating
Tags: Fault-tolerance, Security, Privacy, Trusted Execution, Sustainability
Empowering users in Online services
Introduction
“The Internet’s potential is unlimited. As a worldwide resource, the Internet supports commerce, recreation, research, education, entertainment, and everything in between. But with different stakeholders and competing demands of the network, safeguarding the future of the Internet can seem like an impossible task.” – The Internet Society
The current landscape of online services, i.e., services provided over the Internet (email, HTTP, etc.), often prioritizes the needs of companies, such as control over user data or sales-driven processes, over the needs of users, such as security, privacy or reliability.
This research project aims to shift the focus towards user-centric online services by integrating security and privacy, fault-tolerance, as well as sustainability into existing and future services, without sacrificing practicality.
We define the above concepts as follows:
- security combines both confidentiality (data and computation are protected from unauthorized access) and integrity (data and computation cannot be altered by malicious entities);
- privacy ensures users can control and understand what information about them is collected, how it is collected, and can control how this information is used and shared with others. Users might also prefer to remain anonymous. The GDPR is a good example of a regulation aimed at protecting users’ privacy on the Internet;
- fault-tolerance ensures service availability (the service is delivered as promised), resilience (the service is delivered even in the presence of errors or malicious behaviours), and availability (the service is ready to answer users’ requests);
- sustainability is often defined around three pillars: environmental, economic and social. In our context we aim at reducing the environmental impact of online services;
- practicality is achieved if the service is usable by, and effective for, its users.
Approach
Our approach builds on our previous knowledge in security, privacy and fault-tolerance. We are working on improving these properties in online services from the point of view of the client, increasing the client's capabilities and the guarantees it receives from the services.
In addition, we are exploring sustainable solutions. With climate change and international conflicts, it is not absurd to consider a shortage of electronic components, an innovation slowdown or an increasing demand for environmentally friendly solutions.
There is a trade-off between security and privacy, fault-tolerance, sustainability and practicality. For example, one could build a really secure cloud storage service that provides poor performance or usability, leading users to abandon it. Similarly, fault-tolerance generally requires running several machines in parallel, which is not sustainable from the point of view of the environment. We are exploring practical solutions that minimize this overhead so that they can effectively be used.
Current directions
Leveraging Trusted Execution Environments for making Internet applications secure
This project is tied to a JSPS KAKENHI Grant-in-Aid for Early-Career Scientists for the period FY 2021-2025 with a total budget of 2.6M JPY. The primary goal of the grant is to leverage Trusted Execution Environments to make online video games cheat-resistant by ensuring the integrity property. We are also exploring solutions to offer integrity to other applications.
More information can be found on the JSPS webpage.
Byzantine Fault-Tolerance for the masses
Fault-tolerance, in particular Byzantine Fault-Tolerance (BFT), enables an application to run correctly despite the presence of arbitrary faults (crash, corrupted message, attacker, etc.). It is a costly technique that requires the use of several machines, cryptographic operations and multiple additional communication rounds.
In this project we are exploring ways to reduce this overhead without compromising robustness against faults or malicious behaviours.
Sustainability
We are interested in building a heterogeneous cluster, composed of nodes with different capabilities in terms of CPU and memory, as well as CPU architecture and instruction set. The goal is to execute jobs on the “best” node depending on a series of requirements (such as reducing power usage, need for strong privacy, etc.).
News
- 2024-09 Work presented at FAU-Erlangen, TU Munich, Royal Holloway University and Imperial College London
- 2024-07 Two articles have been accepted by the IIJ Engineering blog
- 2023-10 Two articles have been accepted by the IIJ Engineering blog
- 2023-08 Arne Vogel, a PhD student from FAU-Erlangen in Germany, is starting a two-month internship to work on the BFT project
- 2023-03 paper presented at the SysTEX workshop
- 2022-12 poster presented at the AINTEC conference
- 2022-03 paper presented at the SysTEX workshop
- 2021-04 JSPS KAKENHI grant received
- 2020-04 poster presented at the EuroSys conference
Outputs
(A complete list can be found here.)
Scientific publications
- “Transparent Management of BFT Systems with TEE”. Bijun Li and Pierre-Louis Aublin. In Proceedings of the 6th Workshop on System Software for Trusted Execution (SysTEX 2023). May 2023.
- “Easy-to-Adopt and Bottleneck-free Byzantine Fault Tolerant Protocols”. Pierre-Louis Aublin. In the 17th Asian Internet Engineering Conference (AINTEC). December 2022.
- “Towards TEEs with Large Secure Memory and Integrity Protection Against HW Attacks”. Pierre-Louis Aublin, Mohammad Mahhouk, and Ruediger Kapitza. In the 5th Workshop on System Software for Trusted Execution (SysTEX 2022). March
Other publications
- “Toward Trusted Pictures to Combat Fake News”. IIJ Engineering blog. July
- “フェイクニュースと闘うための信頼できる写真を目指して”. IIJ Engineering blog. July 2024.
- “How to measure network latency using hardware timestamps”. IIJ Engineering blog. October 2023.
- “ハードウェアのタイムスタンプを使用してネットワークの待ち時間を測定する方法”. IIJ Engineering blog. October 2023.
Software
Software will be made open-source at the end of each subproject. Please come back later.
Reaching out
If you are interested in one of these projects, or have any question, please do not hesitate to contact me.