Secure Serverless Computing using Dynamic Information Flow Control

Kalev Alpernas; Cormac Flanagan; Sadjad Fouladi; Leonid Ryzhyk; Mooly Sagiv; Keith Winstein

doi:10.1145/3276488

Secure Serverless Computing using Dynamic Information Flow Control

Kalev Alpernas, Cormac Flanagan, Sadjad Fouladi, Leonid Ryzhyk, Mooly Sagiv, Keith Winstein

Tel Aviv University

Research output: Contribution to journal › Article › peer-review

Abstract

The rise of serverless computing provides an opportunity to rethink cloud security. We present an approach for securing serverless systems using a novel form of dynamic information flow control (IFC). We show that in serverless applications, the termination channel found in most existing IFC systems can be arbitrarily amplified via multiple concurrent requests, necessitating a stronger termination-sensitive non-interference guarantee, which we achieve using a combination of static labeling of serverless processes and dynamic faceted labeling of persistent data. We describe our implementation of this approach on top of JavaScript for AWS Lambda and OpenWhisk serverless platforms, and present three realistic case studies showing that it can enforce important IFC security properties with modest overhead.

Original language	English
Article number	118
Journal	Proceedings of the ACM on Programming Languages
Volume	2
Issue number	OOPSLA
DOIs	https://doi.org/10.1145/3276488
State	Published - Nov 2018

Keywords

Cloud Computing
Information Flow Control
Serverless

All Science Journal Classification (ASJC) codes

Software
Safety, Risk, Reliability and Quality

Access to Document

10.1145/3276488

Cite this

@article{3c3ff7cce8864e72892e2388eae57f57,

title = "Secure Serverless Computing using Dynamic Information Flow Control",

abstract = "The rise of serverless computing provides an opportunity to rethink cloud security. We present an approach for securing serverless systems using a novel form of dynamic information flow control (IFC). We show that in serverless applications, the termination channel found in most existing IFC systems can be arbitrarily amplified via multiple concurrent requests, necessitating a stronger termination-sensitive non-interference guarantee, which we achieve using a combination of static labeling of serverless processes and dynamic faceted labeling of persistent data. We describe our implementation of this approach on top of JavaScript for AWS Lambda and OpenWhisk serverless platforms, and present three realistic case studies showing that it can enforce important IFC security properties with modest overhead.",

keywords = "Cloud Computing, Information Flow Control, Serverless",

author = "Kalev Alpernas and Cormac Flanagan and Sadjad Fouladi and Leonid Ryzhyk and Mooly Sagiv and Keith Winstein",

note = "Publisher Copyright: {\textcopyright} 2018 Copyright held by the owner/author(s).",

year = "2018",

month = nov,

doi = "10.1145/3276488",

language = "الإنجليزيّة",

volume = "2",

journal = "Proceedings of the ACM on Programming Languages",

issn = "2475-1421",

publisher = "Association for Computing Machinery (ACM)",

number = "OOPSLA",

}

TY - JOUR

T1 - Secure Serverless Computing using Dynamic Information Flow Control

AU - Alpernas, Kalev

AU - Flanagan, Cormac

AU - Fouladi, Sadjad

AU - Ryzhyk, Leonid

AU - Sagiv, Mooly

AU - Winstein, Keith

PY - 2018/11

Y1 - 2018/11

N2 - The rise of serverless computing provides an opportunity to rethink cloud security. We present an approach for securing serverless systems using a novel form of dynamic information flow control (IFC). We show that in serverless applications, the termination channel found in most existing IFC systems can be arbitrarily amplified via multiple concurrent requests, necessitating a stronger termination-sensitive non-interference guarantee, which we achieve using a combination of static labeling of serverless processes and dynamic faceted labeling of persistent data. We describe our implementation of this approach on top of JavaScript for AWS Lambda and OpenWhisk serverless platforms, and present three realistic case studies showing that it can enforce important IFC security properties with modest overhead.

AB - The rise of serverless computing provides an opportunity to rethink cloud security. We present an approach for securing serverless systems using a novel form of dynamic information flow control (IFC). We show that in serverless applications, the termination channel found in most existing IFC systems can be arbitrarily amplified via multiple concurrent requests, necessitating a stronger termination-sensitive non-interference guarantee, which we achieve using a combination of static labeling of serverless processes and dynamic faceted labeling of persistent data. We describe our implementation of this approach on top of JavaScript for AWS Lambda and OpenWhisk serverless platforms, and present three realistic case studies showing that it can enforce important IFC security properties with modest overhead.

KW - Cloud Computing

KW - Information Flow Control

KW - Serverless

UR - http://www.scopus.com/inward/record.url?scp=85119674410&partnerID=8YFLogxK

U2 - 10.1145/3276488

DO - 10.1145/3276488

M3 - مقالة

SN - 2475-1421

VL - 2

JO - Proceedings of the ACM on Programming Languages

JF - Proceedings of the ACM on Programming Languages

IS - OOPSLA

M1 - 118

ER -

Secure Serverless Computing using Dynamic Information Flow Control

Abstract

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this