Performance Aware Secure Code Partitioning Sri Hari Krishna Narayanan, Mahmut Kandemir, Richard Brooks Presenter : Sri Hari Krishna Narayanan Outline • • • • • • Introduction to secure code partitioning Motivation through multi level security Our Code Partitioning Domain Workload Balancing Algorithm Example Results 2 Introduction • Secure code partitioning is a process that partitions code and data among several mutually untrusted hosts that need to co-operate to complete a task in parallel. Original Application and data Authenticated trust declarations Compiler thread thread thread H0 H1 H2 thread H3 thread H4 3 Motivation – Multi level security • • Why performance aware? - Secure code partitioning when performed in a performance agnostic manner can lead to skewed load across the hosts. Let us look at Multi-Level-Security (MLS) • Uses qualifiers on data to classify them according to their sensitivity level. • Uses qualifiers on hosts to classify them according to their capability level. Classic MLS lattice of 4 levels unclassified < confidential < secret < top secret Categories – Used to separate data COMINT, HUMINT, ELINT Data A : (CONFIDENTIAL) (CONFIDENTIAL, {ELINT}) Data B : (SECRET, (SECRET) {COMINT}) Data C : (UNCLASSIFIED (UNCLASSIFIED), {HUMINT}) 4 Multilevel Security Data A : (CONFIDENTIAL, {ELINT}) Data B : (SECRET, {COMINT}) Data C : (UNCLASSIFIED , {HUMINT}) COMINT HUMINT ELINT TOP SECRET SECRET CONFIDENTIAL UNCLASSIFIED Data A Data B Data C Host A : (CONFIDENTIAL, {COMINT, HUMINT}) Host B : (CONFIDENTIAL, {ELINT}) Host C : (TOP SECRET, {COMINT, HUMINT, ELINT}) 5 Multilevel Security Data A : (CONFIDENTIAL, {ELINT}) Data B : (SECRET, {COMINT}) Data C : (UNCLASSIFIED , {HUMINT}) COMINT HUMINT ELINT 1 Normalized Finish Time TOP0.9 SECRET SECRET Host C 0.8 0.7 Host B Host C CONFIDENTIAL 0.6 0.5 0.4 0.3 Host A Host C UNCLASSIFIED 0.2 0.1 0 Host A Data A Host B Data B Host C Data C Host A : (CONFIDENTIAL, {COMINT, HUMINT}) Host B : (CONFIDENTIAL, {ELINT}) Host C : (TOP SECRET, {COMINT, HUMINT, ELINT}) 6 Our Code Partitioning Domain • • • The aim is to partition a given task evenly among a set of hosts. However, different hosts have access to different portions of the data. Further, hosts are hierarchically related. E.g. Host 1 can access all the data that Host 4 and Host 3 can. Data Decompositions H0 Host Hierarchy Tree H2 H3 H2 H0 H1 H1 H4 H4 H3 7 Our Code Partitioning Domain Original Application and Data H2 H0 H3 H2 H1 H0 Compiler H1 H4 H4 thread thread thread H0 H1 H2 thread H3 H4 thread H4 8 Workload Balancing Challenges • There are three challenges • Representing the data and computation that can be performed on them – In this work, we target codes that are structured as a series of loops that access data. – So the unit of workload distribution is a loop iteration. • Calculating the initial/default workload on each host • Reassigning the workload of the hosts –Three algorithms 9 Determining the data and the iterations Data accessed by a host in an iteration Dhi , I k All iterations that access a particular data object on a host that may be accessed by a host I : r RA j , I k d A j such that I (hi , I k , A j ) r I d d Dhi , A j I I k All the iterations that may be executed on a host I hi , I k I h , I i k , Aj j : A j S I k Default iterations that are executed on a host I init hi , I k I : hi hmin I , I k 10 Reassigning the workload ReassignHHT() 1: Navg := Totalnumberofiterations / Totalnumberofhosts 2: BottomToTop(hroot,Navg) 3: while carryout(hroot, Ik) > 0 do 4: Navg := Navg + Navg * 0.1 5: TopToBottom(hroot,Navg, 0) 6: end while • • • The ideal average, Navg is calculated. BottomToTop allocates to every host, at most Navg iterations. TopToBottom increases the allowed number of iterations for unbalanced hosts. 11 Example • Based on the Gauss Seidel method for(i = 2 to N-1) for(j = 2 to N-1) B[i, j] := (A[i -1,j]+ A[i + 1,j] + A[i, j -1]+ A[i, j + 1]) * 1/ά ; endfor endfor H4 H6 H5 H1 H2 Array A H4 H7 H6 H5 H1 H3 H0 H2 H2 H3 H0 Array B H1 H2 H4 H5 H3 H7 H6 HHT H7 14 Example continued HHT H0 H1 H2 H4 H5 H3 H6 H7 15 Example Assignment of initial iterations. H0 30 Navg = 400/8 = 50 H1 H2 any node H3 is 80. Maximum load on 80 80 20 While the average is 50. H4 40 H5 70 H6 40 H7 40 16 Example – Operation of BottomtoTop Navg = 400/8 = 50 60 H0 30 50 10 30 50 H1 50 80 H2 50 80 0 40 > Navg ? H4 40 0 20 H5 70 50 H3 20 0 H6 40 0 H7 40 17 Example – Operation of BottomtoTop Navg = 400/8 = 50 60 H0 50 10 50 H1 50 H2 50 0 H4 40 0 20 H5 50 H3 20 0 H6 40 0 H7 40 18 Example Toptobottom Increase allowed Load, Navg to 55 60 55 504540 H0 50 55 5 10 40 45 50 H1 55 50 H2 55 50 0 15 20 Balanced H4 40 0 H5 50 55 Balanced H3 20 0 H6 40 0 H7 40 19 Example continued 40 H0 55 5 40 H1 55 H2 55 0 H4 40 0 15 H5 55 H3 20 0 H6 40 0 H7 40 20 Example continued 20 Increase allowed load to 60 H0 60 0 30 H1 60 H2 60 0 H4 40 0 10 H5 60 H3 20 0 H6 40 0 H7 40 21 Example continued 2 Increase allowed load to 66 H0 66 0 18 H1 60 H2 66 0 H4 40 0 4 H3 20 0 H5 66 H6 40 0 H7 40 22 Example continued 0 Increase allowed load to 72 H0 68 0 0 18 The HHT His now ‘balanced’ at the root node. H2 H3 1 Maximum60load on any 66 node is 20 68 (from 80). 0 H4 40 4 0 H5 66 H6 40 0 H7 40 23 Experimental Results • • Two metrics were studied for multiple HHTs • Execution Time (EXE) • Standard deviation of workload (STD) Two scenarios were studied • Default data decomposition + multiple HHTs • Default HHT + multiple decompositions 24 Experimental Results – (1/2) Default HHT + multiple decompositions Overall finish time for the different data decompositions with a default HHT. STD for the different data decompositions with a default HHT. 25 Experimental Results – (2/2) Default HHT + multiple decompositions Overall finish time for the different HHT with a default data decomposition STD for the different HHTs with a default data decompostion 26 Conclusion • • • Showed that load balancing is required in secure code partitioning Proposed performance aware secure code partitioning to reduces the overall finish time. Better load balancing compared to the original method is achieved as well. 27 Thank you Sri Hari Krishna Narayanan [email protected]
© Copyright 2024 Paperzz