Publication Type
Journal Article
Version
acceptedVersion
Publication Date
1-2023
Abstract
As cloud services have become popular, and their adoption is growing, consumers are becoming more concerned about the cost of cloud services. Cloud Service Providers (CSPs) generally use a pay-per-use billing scheme in the cloud services model: consumers use resources as they needed and are billed for their resource usage. However, CSPs are untrusted and privileged; they have full control of the entire operating system (OS) and may tamper with bills to cheat consumers. So, how to provide a trusted solution that can keep track of and verify the consumers’ resource usage has been a challenging problem. In this paper, we propose a T-Counter framework based on Intel SGX. The T-Counter allows applications to construct a trusted solution to measure its CPU usage by itself in cloud computing. These constructed applications are instrumented with counters in basic blocks and added three components in trusted parts to count instructions and defend against malicious CSPs’ manipulations. We propose two algorithms which selectively instrument counters in the CFG. T-Counter is implemented as an extension of the LLVM framework and integrated with the SGX SDK. Theoretical analyses and evaluations show that T-Counter can effectively measure CPU usage and defend against malicious CSPs’ manipulations.
Keywords
Resource Measurement, Instruction Accounting, SGX, Cloud Services, Control Flow Graph (CFG)
Discipline
Databases and Information Systems | Information Security
Research Areas
Cybersecurity
Publication
IEEE Transactions on Dependable and Secure Computing
Volume
20
Issue
1
First Page
867
Last Page
885
ISSN
1545-5971
Identifier
10.1109/TDSC.2022.3145814
Publisher
Institute of Electrical and Electronics Engineers
Citation
DONG, Chuntao; SHEN, Qingni; DING, Xuhua; YU, Daoqing; LUO, Wu; WU, Pengfei; and WU, Zhonghai.
T-counter: Trustworthy and efficient CPU resource measurement using SGX in the cloud. (2023). IEEE Transactions on Dependable and Secure Computing. 20, (1), 867-885.
Available at: https://ink.library.smu.edu.sg/sis_research/6968
Copyright Owner and License
Authors
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/TDSC.2022.3145814