S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX
- Resource accounting on SGX “enclaved” FaaS.
- Trusted timer: built using TSX + additional timer thread
- Model: function trusted by user, but not service provider(platform) => sandbox
- KMS, transitive attestation, encryption
- Implementation on Apache OpenWhisk
Towards Demystifying Serverless Machine Learning Training
- Implement a serverless distributed ML framework, LambdaML, including distributed optimization, communication (with a storage server) and synchronization
- Compare the FaaS and IaaS solution for distributed ML.
Trust more, serverless
- JS FaaS in SGX enclaves
- Google V8 engine/Duntape + SGX LKL + Apache OpenWhisk
- Key management
- Parallel, warm start, adjust to load
Clemmys: Towards Secure Remote Execution in FaaS
- SGX2: DMM to speedup enclave init
- OpenWhisk + Scone + Palaemon(KMS)
- Gateway(T) + Controller(U) + Worker(T): not all in the enclave
- Features: function chaining & verification
- Functions should be manually inspected