Compiler-assisted semantic-aware encryption for efficient and secure serverless computing

Bongjun Kim; Seonyeong Heo; Jaeho Lee; Shinnung Jeong; Yongwoo Lee; Hanjun Kim

doi:10.1109/JIOT.2020.3031550

Compiler-assisted semantic-aware encryption for efficient and secure serverless computing

Bongjun Kim, Seonyeong Heo, Jaeho Lee, Shinnung Jeong, Yongwoo Lee, Hanjun Kim

Department of Electrical and Electronic Engineering

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

Abstract

Serverless computing like Function-as-a-Service (FaaS) is attractive for IoT service providers, liberating the providers from server maintenance. Since a data processing function is executed on the cloud instead of a dedicated server in the FaaS platform, the service users send their private data in their IoT devices to the third-party cloud, taking privacy leakage risks. Homomorphic encryption (HE) can preserve the privacy by enabling encrypted data processing on the cloud, but using HE for every data item incurs large computation and communication overheads. This work proposes SelectiveCrypt, a compiler-assisted semantic-aware encryption scheme that applies different cryptographic primitives depending on the operations on each data item. SelectiveCrypt homomorphically encrypts data items if arithmetic operations are applied to the data, while SelectiveCrypt encrypts data items with a symmetric key if the data are stored in the cloud without any arithmetic operation. The SelectiveCrypt framework consists of a compiler and its runtime system. The SelectiveCrypt compiler statically analyzes the data processing, determines an appropriate cryptographic primitive for each data item, and automatically transforms arithmetic operations into the homomorphic computation. The SelectiveCrypt runtime encrypts and decrypts the data items according to the static analysis result. This work evaluates the prototype SelectiveCrypt framework with five benchmarks that reflect real-world IoT scenarios. The evaluation results show that the SelectiveCrypt framework successfully reduces response time and communication overhead by 1.59 times and 9.61 times, respectively, compared with a HE scheme.

Original language	English
Article number	9226428
Pages (from-to)	5645-5656
Number of pages	12
Journal	IEEE Internet of Things Journal
Volume	8
Issue number	7
DOIs	https://doi.org/10.1109/JIOT.2020.3031550
Publication status	Published - 2021 Apr 1

Bibliographical note

Funding Information:
Manuscript received May 24, 2020; revised August 10, 2020 and September 18, 2020; accepted October 8, 2020. Date of publication October 16, 2020; date of current version March 24, 2021. This work was supported by the Institute of Information and Communication Technology Planning and Evaluation (IITP) Funded by the Ministry of Science and ICT under Grant IITP-2017-0-00195, Grant IITP-2018-0-01392, and Grant IITP-2020-0-01847. (Corresponding author: Hanjun Kim.) Bongjun Kim and Seonyeong Heo are with the Department of Computer Science and Engineering, POSTECH, Pohang 37673, South Korea (e-mail: bong90@postech.ac.kr; heosy@postech.ac.kr).

Publisher Copyright:
© 2014 IEEE.

All Science Journal Classification (ASJC) codes

Signal Processing
Information Systems
Hardware and Architecture
Computer Science Applications
Computer Networks and Communications

Access to Document

10.1109/JIOT.2020.3031550

Cite this

@article{2b6e8c93b9804d2685b9362249620bd3,

title = "Compiler-assisted semantic-aware encryption for efficient and secure serverless computing",

abstract = "Serverless computing like Function-as-a-Service (FaaS) is attractive for IoT service providers, liberating the providers from server maintenance. Since a data processing function is executed on the cloud instead of a dedicated server in the FaaS platform, the service users send their private data in their IoT devices to the third-party cloud, taking privacy leakage risks. Homomorphic encryption (HE) can preserve the privacy by enabling encrypted data processing on the cloud, but using HE for every data item incurs large computation and communication overheads. This work proposes SelectiveCrypt, a compiler-assisted semantic-aware encryption scheme that applies different cryptographic primitives depending on the operations on each data item. SelectiveCrypt homomorphically encrypts data items if arithmetic operations are applied to the data, while SelectiveCrypt encrypts data items with a symmetric key if the data are stored in the cloud without any arithmetic operation. The SelectiveCrypt framework consists of a compiler and its runtime system. The SelectiveCrypt compiler statically analyzes the data processing, determines an appropriate cryptographic primitive for each data item, and automatically transforms arithmetic operations into the homomorphic computation. The SelectiveCrypt runtime encrypts and decrypts the data items according to the static analysis result. This work evaluates the prototype SelectiveCrypt framework with five benchmarks that reflect real-world IoT scenarios. The evaluation results show that the SelectiveCrypt framework successfully reduces response time and communication overhead by 1.59 times and 9.61 times, respectively, compared with a HE scheme.",

author = "Bongjun Kim and Seonyeong Heo and Jaeho Lee and Shinnung Jeong and Yongwoo Lee and Hanjun Kim",

note = "Funding Information: Manuscript received May 24, 2020; revised August 10, 2020 and September 18, 2020; accepted October 8, 2020. Date of publication October 16, 2020; date of current version March 24, 2021. This work was supported by the Institute of Information and Communication Technology Planning and Evaluation (IITP) Funded by the Ministry of Science and ICT under Grant IITP-2017-0-00195, Grant IITP-2018-0-01392, and Grant IITP-2020-0-01847. (Corresponding author: Hanjun Kim.) Bongjun Kim and Seonyeong Heo are with the Department of Computer Science and Engineering, POSTECH, Pohang 37673, South Korea (e-mail: bong90@postech.ac.kr; heosy@postech.ac.kr). Publisher Copyright: {\textcopyright} 2014 IEEE.",

year = "2021",

month = apr,

day = "1",

doi = "10.1109/JIOT.2020.3031550",

language = "English",

volume = "8",

pages = "5645--5656",

journal = "IEEE Internet of Things Journal",

issn = "2327-4662",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "7",

}

TY - JOUR

T1 - Compiler-assisted semantic-aware encryption for efficient and secure serverless computing

AU - Kim, Bongjun

AU - Heo, Seonyeong

AU - Lee, Jaeho

AU - Jeong, Shinnung

AU - Lee, Yongwoo

AU - Kim, Hanjun

N1 - Funding Information: Manuscript received May 24, 2020; revised August 10, 2020 and September 18, 2020; accepted October 8, 2020. Date of publication October 16, 2020; date of current version March 24, 2021. This work was supported by the Institute of Information and Communication Technology Planning and Evaluation (IITP) Funded by the Ministry of Science and ICT under Grant IITP-2017-0-00195, Grant IITP-2018-0-01392, and Grant IITP-2020-0-01847. (Corresponding author: Hanjun Kim.) Bongjun Kim and Seonyeong Heo are with the Department of Computer Science and Engineering, POSTECH, Pohang 37673, South Korea (e-mail: bong90@postech.ac.kr; heosy@postech.ac.kr). Publisher Copyright: © 2014 IEEE.

PY - 2021/4/1

Y1 - 2021/4/1

N2 - Serverless computing like Function-as-a-Service (FaaS) is attractive for IoT service providers, liberating the providers from server maintenance. Since a data processing function is executed on the cloud instead of a dedicated server in the FaaS platform, the service users send their private data in their IoT devices to the third-party cloud, taking privacy leakage risks. Homomorphic encryption (HE) can preserve the privacy by enabling encrypted data processing on the cloud, but using HE for every data item incurs large computation and communication overheads. This work proposes SelectiveCrypt, a compiler-assisted semantic-aware encryption scheme that applies different cryptographic primitives depending on the operations on each data item. SelectiveCrypt homomorphically encrypts data items if arithmetic operations are applied to the data, while SelectiveCrypt encrypts data items with a symmetric key if the data are stored in the cloud without any arithmetic operation. The SelectiveCrypt framework consists of a compiler and its runtime system. The SelectiveCrypt compiler statically analyzes the data processing, determines an appropriate cryptographic primitive for each data item, and automatically transforms arithmetic operations into the homomorphic computation. The SelectiveCrypt runtime encrypts and decrypts the data items according to the static analysis result. This work evaluates the prototype SelectiveCrypt framework with five benchmarks that reflect real-world IoT scenarios. The evaluation results show that the SelectiveCrypt framework successfully reduces response time and communication overhead by 1.59 times and 9.61 times, respectively, compared with a HE scheme.

AB - Serverless computing like Function-as-a-Service (FaaS) is attractive for IoT service providers, liberating the providers from server maintenance. Since a data processing function is executed on the cloud instead of a dedicated server in the FaaS platform, the service users send their private data in their IoT devices to the third-party cloud, taking privacy leakage risks. Homomorphic encryption (HE) can preserve the privacy by enabling encrypted data processing on the cloud, but using HE for every data item incurs large computation and communication overheads. This work proposes SelectiveCrypt, a compiler-assisted semantic-aware encryption scheme that applies different cryptographic primitives depending on the operations on each data item. SelectiveCrypt homomorphically encrypts data items if arithmetic operations are applied to the data, while SelectiveCrypt encrypts data items with a symmetric key if the data are stored in the cloud without any arithmetic operation. The SelectiveCrypt framework consists of a compiler and its runtime system. The SelectiveCrypt compiler statically analyzes the data processing, determines an appropriate cryptographic primitive for each data item, and automatically transforms arithmetic operations into the homomorphic computation. The SelectiveCrypt runtime encrypts and decrypts the data items according to the static analysis result. This work evaluates the prototype SelectiveCrypt framework with five benchmarks that reflect real-world IoT scenarios. The evaluation results show that the SelectiveCrypt framework successfully reduces response time and communication overhead by 1.59 times and 9.61 times, respectively, compared with a HE scheme.

UR - http://www.scopus.com/inward/record.url?scp=85103310109&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85103310109&partnerID=8YFLogxK

U2 - 10.1109/JIOT.2020.3031550

DO - 10.1109/JIOT.2020.3031550

M3 - Article

AN - SCOPUS:85103310109

SN - 2327-4662

VL - 8

SP - 5645

EP - 5656

JO - IEEE Internet of Things Journal

JF - IEEE Internet of Things Journal

IS - 7

M1 - 9226428

ER -

Compiler-assisted semantic-aware encryption for efficient and secure serverless computing

Abstract

Bibliographical note

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this