Avocado: A secure in-memory distributed storage system

Maurice Bailleu, Dimitra Giantsidi, Vasilis Gavrielatos, Do Le Quoc, Vijay Nagarajan, Pramod Bhatotia

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

21 Scopus citations

Abstract

We introduce Avocado, a secure in-memory distributed storage system that provides strong security, fault-tolerance, consistency (linearizability) and performance for untrusted cloud environments. Avocado achieves these properties based on TEEs, which, however, are primarily designed for securing limited physical memory (enclave) within a single-node system. Avocado overcomes this limitation by extending the trust of a secure single-node enclave to the distributed environment over an untrusted network, while ensuring that replicas are kept consistent and fault-tolerant in a malicious environment. To achieve these goals,we design and implementAvocado underpinning on the cross-layer contributions involving the network stack, the replication protocol, scalable trust establishment, and memory management. Avocado is practical: In comparison to BFT, Avocado provides confidentiality with fewer replicas and is significantly faster-4.5× to 65× for YCSB read and write heavy workloads, respectively.

Original languageEnglish
Title of host publication2021 USENIX Annual Technical Conference
PublisherUSENIX Association
Pages285-301
Number of pages17
ISBN (Electronic)9781939133236
StatePublished - 2021
Event2021 USENIX Annual Technical Conference, ATC 2021 - Virtual, Online
Duration: 14 Jul 202116 Jul 2021

Publication series

Name2021 USENIX Annual Technical Conference

Conference

Conference2021 USENIX Annual Technical Conference, ATC 2021
CityVirtual, Online
Period14/07/2116/07/21

Fingerprint

Dive into the research topics of 'Avocado: A secure in-memory distributed storage system'. Together they form a unique fingerprint.

Cite this