Skip to content
This repository contains SGX-PySpark demo for SGX-PySpark paper in proceedings of The Web Conference 2019 (formerly known as WWW2019)
Branch: master
Clone or download
Pull request Compare This branch is 1 commit ahead, 3 commits behind doflink:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
input
README.md
clean.sh
dump-memory.py
fspf.sh
memory-dump.sh
run.sh
start-log-service.sh

README.md

SGX-PySpark Demo

This repository contains SGX-PySpark demo.

Video

SGX-PySpark demo

Details

First, please shoot us (info@scontain.com) an email providing your Docker ID to get access to the Docker image: sconecuratedimages/www2019:sgx-pyspark

Try it out by executing:

git clone https://github.com/doflink/sgx-pyspark-demo && cd sgx-pyspark-demo 
docker run -it --rm -v `pwd`:/fspf  --privileged -p 8080:8080 -p 6868:6868 -p 28778:28778 sconecuratedimages/www2019:sgx-pyspark sh

Go to the demo directory:

 cd /fspf/

Create a file system protection file (meta file) to store all the metadata required for checking the consistency of files. Then add encrypted regions and encrypt the input PySpark codes and data. Store the encryption key and the tag of the fspf to the file keytag:

 ./fspf.sh

Export environment variables

export SCONE_FSPF_KEY=$(cat input/keytag | awk '{print $11}')
export SCONE_FSPF_TAG=$(cat input/keytag | awk '{print $9}')

Now, run the wordcount application with SGX-PySpark.

/spark/bin/spark-submit encrypted-files/enc-wordcount.py  input/encrypted-sensitive-input.txt  spark://$(hostname -f):7077 &> output.txt &

Try to dump memory of the application to steal secrets

./memory-dump.sh

Contacts

Send email to do.le_quoc@tu-dresden.de

Acknowledgements

This work has been supported by EU H2020 ICT project LEGaTO, contract #780681.

You can’t perform that action at this time.