S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX

September 12, 2021 at 10:13 pm
Application Paper Security SGX System

PDF

  • Resource accounting on SGX “enclaved” FaaS.
  • Trusted timer: built using TSX + additional timer thread
  • Model: function trusted by user, but not service provider(platform) => sandbox
  • KMS, transitive attestation, encryption
  • Implementation on Apache OpenWhisk