Publication Type

Journal Article

Version

acceptedVersion

Publication Date

1-2023

Abstract

As cloud services have become popular, and their adoption is growing, consumers are becoming more concerned about the cost of cloud services. Cloud Service Providers (CSPs) generally use a pay-per-use billing scheme in the cloud services model: consumers use resources as they needed and are billed for their resource usage. However, CSPs are untrusted and privileged; they have full control of the entire operating system (OS) and may tamper with bills to cheat consumers. So, how to provide a trusted solution that can keep track of and verify the consumers’ resource usage has been a challenging problem. In this paper, we propose a T-Counter framework based on Intel SGX. The T-Counter allows applications to construct a trusted solution to measure its CPU usage by itself in cloud computing. These constructed applications are instrumented with counters in basic blocks and added three components in trusted parts to count instructions and defend against malicious CSPs’ manipulations. We propose two algorithms which selectively instrument counters in the CFG. T-Counter is implemented as an extension of the LLVM framework and integrated with the SGX SDK. Theoretical analyses and evaluations show that T-Counter can effectively measure CPU usage and defend against malicious CSPs’ manipulations.

Keywords

Resource Measurement, Instruction Accounting, SGX, Cloud Services, Control Flow Graph (CFG)

Discipline

Databases and Information Systems | Information Security

Research Areas

Cybersecurity

Publication

IEEE Transactions on Dependable and Secure Computing

Volume

20

Issue

1

First Page

867

Last Page

885

ISSN

1545-5971

Identifier

10.1109/TDSC.2022.3145814

Publisher

Institute of Electrical and Electronics Engineers

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/TDSC.2022.3145814

Download

Share

COinS