Lightweight, Secure and Stateful Serverless Computing with PSL

Alex Thomas and Shubham Mishra and Eric Chen and John D. Kubiatowicz

EECS Department, University of California, Berkeley

Technical Report No. UCB/EECS-2024-191

October 25, 2024

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2024/EECS-2024-191.pdf

We present PSL, a lightweight, secure and stateful Function-as-a-Serivce (FaaS) framework for Trusted Execution Environments (TEEs). The framework provides rich programming language support on heterogeneous TEE hardware for statically compiled binaries and/or WebAssembly (WASM) bytecodes, with a familiar Key-Value Store (KVS) interface to secure, performant, network-embedded storage. It achieves near-native execution speeds by utilizing the dynamic memory mapping capabilities of Intel SGX2 to create an in-enclave WASM runtime with Just-In-Time (JIT) compilation. PSL is designed to efficiently operate within an asynchronous environment with a distributed tamper-proof confidential storage system, assuming minority failures. The system exchanges eventually-consistent state updates across nodes while utilizing release-consistent locking mechanisms to enhance transactional capabilities. The execution of PSL is up to 3.7x faster than the state-of-the-art SGX WASM runtime. PSL reaches 95k ops/s with YCSB 100% read workload and 89k ops/s with 50% read/write workload. We demonstrate the scalability and adaptivity of PSL through a case study of secure and distributed training of deep neural networks.

BibTeX citation:

@techreport{Thomas:EECS-2024-191,
    Author= {Thomas, Alex and Mishra, Shubham and Chen, Eric and Kubiatowicz, John D.},
    Title= {Lightweight, Secure and Stateful Serverless Computing with PSL},
    Year= {2024},
    Month= {Oct},
    Url= {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2024/EECS-2024-191.html},
    Number= {UCB/EECS-2024-191},
    Abstract= {We present PSL, a lightweight, secure and stateful Function-as-a-Serivce (FaaS) framework for Trusted Execution Environments (TEEs). The framework provides rich programming language support on heterogeneous TEE hardware for statically compiled binaries and/or WebAssembly (WASM) bytecodes, with a familiar Key-Value Store (KVS) interface to secure, performant, network-embedded storage. It achieves near-native execution speeds by utilizing the dynamic memory mapping capabilities of Intel SGX2 to create an in-enclave WASM runtime with Just-In-Time (JIT) compilation. PSL is designed to efficiently operate within an asynchronous environment with a distributed tamper-proof confidential storage system, assuming minority failures. The system exchanges eventually-consistent state updates across nodes while utilizing release-consistent locking mechanisms to enhance transactional capabilities. The execution of PSL is up to 3.7x faster than the state-of-the-art SGX WASM runtime. PSL reaches 95k ops/s with YCSB 100% read workload and 89k ops/s with 50% read/write workload. We demonstrate the scalability and adaptivity of PSL through a case study of secure and distributed training of deep neural networks.},
}

EndNote citation:

%0 Report
%A Thomas, Alex 
%A Mishra, Shubham 
%A Chen, Eric 
%A Kubiatowicz, John D. 
%T Lightweight, Secure and Stateful Serverless Computing with PSL
%I EECS Department, University of California, Berkeley
%D 2024
%8 October 25
%@ UCB/EECS-2024-191
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2024/EECS-2024-191.html
%F Thomas:EECS-2024-191