Distinguished Guest Speaker: Prof. Trent Jaeger

Designing system platforms for cloud and edge computing

The emergence of modern computing paradigms, such as cloud computing and edge computing, presents new challenges in the design of system platforms that ensure enforcement of application security requirements.  Currently, such system platforms consist of a variety of mutually-trusting, privileged services, but prior experiences in desktop and server systems, circa 2000, demonstrated that platforms based on privileged services were prone to host compromise and large-scale attacks.  As several vulnerabilities have been reported in new cloud platforms (e.g., 150+ in OpenStack), perhaps little stands in the way of large-scale attacks against these platforms.  In this talk, I will examine how the solutions used to mitigate host compromise for desktop and server OSes will be insufficient for modern computing environments, and explore design principles for building secure distributed system computing platforms.  Specifically, I will discuss our experiences in the development of the Pileus cloud service architecture, which creates operation-specific system platforms for each cloud operation on-the-fly to prevent vulnerabilities in cloud services from enabling malicious users to gain unauthorized access.  Pileus combines decentralized information flow control (DIFC) with principles to confine the authority necessary to run cloud operations, which is key in preventing unauthorized access. We have ported the OpenStack cloud platform to Pileus, finding that we can systematically prevent compromised cloud services from attacking other users’ cloud operations with less than 3% additional operation latency.  I will also discuss how to apply the lessons learned here to emerging microservice and edge computing platforms.

Bio: Trent Jaeger is a Professor in the Computer Science and Engineering Department at The Pennsylvania State University and the Co-Director of the Systems and Internet Infrastructure Security (SIIS) Lab.  Trent’s research interests include operating systems security and the application of programming language techniques to software security. He has published over 125 refereed research papers and is the author of the book "Operating Systems Security," which examines the principles of designs for secure operating systems.  Trent has made a variety of contributions to open source systems security, particularly to the Linux Security Modules framework, Linux Integrity Measurement framework, and recently, security namespaces for Linux containers. He was Chair of the ACM Special Interest Group on Security, Audit, and Control (ACM SIGSAC) from 2013-2017, and is on the steering committees for the ACM Conference on Computer and Communications Security (ACM CCS) and the Network and Distributed Systems Security Symposium (NDSS) as chair.  Trent has an M.S. and a Ph.D. from the University of Michigan, Ann Arbor in Computer Science and Engineering, respectively, and spent nine years at IBM Research prior to joining Penn State.

Host: Yinqian Zhang