Skip to content

SSGAalto/sfaas

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

common/include

common/include

 
 

js-files

js-files

 
 

src

src

 
 

Makefile

Makefile

 
 

Readme.md

Readme.md

 
 

client.py

client.py

 
 

json.md

json.md

 
 

Repository files navigation

Trustworthy & Accountable Function-as-a-Service

This is the source code repository of the paper "S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX", published at the 2019 ACM Cloud Computing Security Workshop. An early version of this paper can be viewed here on arxiv: https://arxiv.org/abs/1810.06080

Installation

The enclave uses Duktape as JS Engine. If the project does not compile for you, you might have to generate the Duktape files for your own machine. Do this by downloading its code from https://github.com/svaarala/duktape and executing the configure.py in the tools folder. This generates the Duktape files that you can then place in the src/enclave/duktape folder.

Requirements are

sudo apt install libboost-program-options-dev libboost-system-dev libb64-dev

For the configuration file, run

python2 genconfig.py  --metadata ../config/ \
    --option-file ./duktape-config.yml \
    --output ./duk_config.h \
    --platform=linux --compiler=gcc \
    --architecture=x64 \
    duk-config-header

To create other files, run

python2 configure.py
    --option-file ~/git/sgx-js/js_app/duktape-config.yml \
    --output-directory ~/git/sgx-js/js_app/src/enclave/duktape \
    --platform=linux --compiler=clang \
    --architecture=x64

And place the resulting duk_config.h in the src/enclave/duktape directory, overwriting the pregenerated file.

Changes to duktape

These changes are very similar to here: evervault/node-secureworker#10

duk_config:

  1. Comment out line 261,262 (include of sys/params.h and sys/time.h)
  2. Comment out #define DUK_USE_DATE_NOW_GETTIMEOFDAY , #define DUK_USE_DATE_TZO_GMTIME_R, #define DUK_USE_DATE_PRS_STRPTIME , #define DUK_USE_DATE_FMT_STRFTIME
  3. Add OVERRIDE_DEFINES:
#define DUK_USE_DATE_GET_NOW(ctx)  -1
#define DUK_USE_DATE_GET_LOCAL_TZOFFSET(d) -1
  1. In duk__format_parts_iso8601 : Rewrite calls to DUK_SNPRINTF into calls to DUK_SPRINTF (without N). As size, provide: (size_t) DUK_BI_DATE_ISO8601_BUFSIZE.

Usage

# Open one console and prepare the js app
cd js_app
make all
# create a new key file named keys sealed
./js-tsx -n -p "keys.sealed" -v

# In another console, prepare the client input
cd tsx-py/tsx
python3 client.py -i ./js-files/hello_world.json -k ./js-files/keys.json -o ./js-files/enc.json -v

# Now run js app in first console
./js-tsx -r "keys.sealed" -x js-files/hello_world.js -i js-files/enc.json  -v



./app.exe -n -p ./keys.sealed -r ./keys.sealed -x js-files/hello_world.js -i js-files/hello_world.json
python3 client.py -i js-files/hello_world.json -v -k js-files/keys.json

Use -v and -d flags to show enclave logging

About

SGX-secured Function-as-a-Service

Resources

Readme
Activity
Custom properties

Stars

14 stars

Watchers

4 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages