Tutorial 1: Secure Execution in the Cloud Using Intel SGX
Speaker: Marcelo Pasin (University of Neuchatel, Switzerland)
Overview: Cloud computing is an appealing support for application deployment today. Its inherent resource sharing allows for economies of scale. Easy access and ubiquitous availability makes it very convenient. But the shared and remote nature of cloud resources render them tempting for attacks. One single cloud provider hosts data for multiple customers and an important financial gain may be achieved by exploiting their sensitive data. Trusted hardware features have recently hit the mainstream through their inclusion in commodity CPUs. We witness a rising interest in how this new hardware can be used to build trustworthy cloud applications.
This tutorial will provide an overview of the recent support in Intel CPUs for trusted execution of security-sensitive software using Software Guard Extensions (SGX). It will introduce the key concepts behind trusted execution and discuss the required support to create trustworthy applications in otherwise untrusted environments. It is structured in lectures on specific topics related to trusted hardware, a presentation of Intel SGX, and a hands-on practical exercise using the technology. The goal is to convey opportunities and challenges that the widespread availability of trusted execution features will bring, and how it will affect future cloud computing software.
Speaker's short biography: Marcelo Pasin is a researcher in the University of Neuchâtel (Switzerland) and an associate professor in the Arc Engineering School of the University of Applied Sciences and Arts Western Switzerland (HES-SO). He obtained a PhD degree in Computer Science from the National Polytechnic Institute of Grenoble (France, 1999), a master’s degree in computer science from the Federal University of Rio Grande do Sul (Porto Alegre, Brazil, 1994) and an electrical engineering degree from the Federal University of Santa Maria (Brazil, 1988). Marcelo’s research interests are large-scale distributed systems, with focus and publications on cloud computing security, resource management, fault- and intrusion tolerance, high performance computing and networking. He is a member of two research teams: the complex systems group in the University of Neuchatel, and the data analytics group in the Arc school of HES-SO.
Tutorial 2 : Singularity, an HPC Application Container
Speakers: Alexandre Dehne Garcia (INRA, France) and Martin Souchal (IN2P3, France)
Overview: Docker is mainstream container technology adopted by computer scientists and practitioners. There are, however, many other containers technologies with their advantages and drawbacks. Although Docker is scalable, enabling applications to be structured as micro-services, it is not suited to High Performance Computing (HPC). Singularity on the other hand strikes a balance considering maturity, ease of use and administration, functionality and security. In this tutorial the speakers will discuss container tecnologies suitable to HPC, present Singularity, and then offer out a hands-on section.
Speakers' short biographies: Alexandre Dehne Garcia, INRA (French National Institute for Agricultural Research) is a DevOps HPC system administrator engineer at CBGP Lab (Biology Center for Populations Husbandry) and INGENUM (INRA E-infrastructures for research).
Martin Souchal, IN2P3 (Institut National de Physique Nucléaire et de Physique des Particules) is a DevOps system administrator at APC Lab (Astroparticule et Cosmologie) and the technical manager of The François Arago Center, an HPC platform for space.
Both are part of ComputeOps (IN2P3 project on HPC research and development).
Tutorial 3: Deploying Distributed Computing Experiments using Grid'5000 / SILECS Testbed
Speakers: Simon Delamare (CNRS, ENS de Lyon, France), Frédéric Desprez (Inria, LIG, France) and David Loup (CNRS, ENS de Lyon, France)
Overview: This tutorial will present the Grid'5000 / SILECS platform and introduce its usage to set up distributed computing experiments. SILECS is a scientific instrument designed to support experiment-driven research in many areas of computer science. Among available SILECS' testbeds, Grid'5000 focuses on Cloud, HPC and other parallel and large-scale distributed computing deployments. Grid'5000 gives to users an easy access to a large number of hardware resources with high capacity of customization at every level of computer stack (from hardware to high level applications). Grid’5000 allows users to set-up large-scale and reproducible experiments. The platform is supported by major French scientific institutions (Inria, CNRS, Renater, Universities) and its official Grid’5000 website is: https://www.grid5000.fr