Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are ...Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are invoked by its driven events.Nonetheless,security threats in serverless computing such as vulnerability-based security threats have become the pain point hindering its wide adoption.The ideas in proactive defense such as redundancy,diversity and dynamic provide promising approaches to protect against cyberattacks.However,these security technologies are mostly applied to serverless platform based on“stacked”mode,as they are designed independent with serverless computing.The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost.In this paper,we present ATSSC,a proactive defense enabled attack tolerant serverless platform.ATSSC integrates the characteristic of redundancy,diversity and dynamic into serverless seamless to achieve high-level security and efficiency.Specifically,ATSSC constructs multiple diverse function replicas to process the driven events and performs cross-validation to verify the results.In order to create diverse function replicas,both software diversity and environment diversity are adopted.Furthermore,a dynamic function refresh strategy is proposed to keep the clean state of serverless functions.We implement ATSSC based on Kubernetes and Knative.Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs.展开更多
The data analysis of blasting sites has always been the research goal of relevant researchers.The rise of mobile blasting robots has aroused many researchers’interest in machine learning methods for target detection ...The data analysis of blasting sites has always been the research goal of relevant researchers.The rise of mobile blasting robots has aroused many researchers’interest in machine learning methods for target detection in the field of blasting.Serverless Computing can provide a variety of computing services for people without hardware foundations and rich software development experience,which has aroused people’s interest in how to use it in the field ofmachine learning.In this paper,we design a distributedmachine learning training application based on the AWS Lambda platform.Based on data parallelism,the data aggregation and training synchronization in Function as a Service(FaaS)are effectively realized.It also encrypts the data set,effectively reducing the risk of data leakage.We rent a cloud server and a Lambda,and then we conduct experiments to evaluate our applications.Our results indicate the effectiveness,rapidity,and economy of distributed training on FaaS.展开更多
Cloud computing has been exploited in managing large-scale IoT systems.IoT cloud servers usually handle a large number of requests from various IoT devices.Due to the fluctuant and heavy workload,the servers require t...Cloud computing has been exploited in managing large-scale IoT systems.IoT cloud servers usually handle a large number of requests from various IoT devices.Due to the fluctuant and heavy workload,the servers require the cloud to provide high scalability,stable performance,low price and necessary functionalities.However,traditional clouds usually offer computing service with the abstraction of virtual machine(VM),which can hardly meet these requirements.Meanwhile,different cloud vendors provide different performance stabilities and price models,which fluctuate according to the dynamic workload.A single cloud cannot satisfy all the requirements of the IoT scenario well.The JointCloud computing model empowers the cooperation among multiple public clouds.However,it is still difficult to dynamically schedule the workload on different clouds based on the VM abstraction.This paper introduces HCloud,a trusted JointCloud platform for IoT systems using serverless computing model.HCloud allows an IoT server to be implemented with multiple serverless functions and schedules these functions on different clouds based on a schedule policy.The policy is specified by the client and includes the required functionalities,execution resources,latency,price and so on.HCloud collects the status of each cloud and dispatches serverless functions to the most suitable cloud based on the schedule policy.By leveraging the blockchain technology,we further enforce that our system can neither fake the cloud status nor wrongly dispatch the target functions.We have implemented a prototype of HCloud and evaluated it by simulating multiple cloud providers.The evaluation results show that HCloud can greatly improve the performance of serverless workloads with negligible costs.展开更多
FaaS(Function as a Service)允许开发者在不管理服务器的情况下在云端上传和执行代码。为解决使用FaaS过程中出现的性能和扩展问题,提出并证明了一种轻量级高性能Serverless设计,该设计提供优于现有解决方案的性能和扩展优势,并且可以...FaaS(Function as a Service)允许开发者在不管理服务器的情况下在云端上传和执行代码。为解决使用FaaS过程中出现的性能和扩展问题,提出并证明了一种轻量级高性能Serverless设计,该设计提供优于现有解决方案的性能和扩展优势,并且可以实现细粒度的即用即付模型。比较了相同算法下的Docker和WebAssembly实现之间使用的性能基准。还讨论了在Serverless计算中采用WebAssembly的存在问题。展开更多
This work proposes ARS(FaaS) serverless framework scheduling and provisioning resources for streaming applications autonomously, which ensures real-time response on unpredictable and fluctuating streaming data. A HPC ...This work proposes ARS(FaaS) serverless framework scheduling and provisioning resources for streaming applications autonomously, which ensures real-time response on unpredictable and fluctuating streaming data. A HPC cloud platform is used as a de facto platform, on which serverless computing for stream analytic is explored. This work enables application developers to build and run steaming applications without worrying about servers, which means that the developers are able to focus on application features instead of scheduling and provisioning resources of the infrastructure. The serverless computing framework, ARS(FaaS), provides function-as-a-service to make the developers write code in discrete event-driven functions. ARS(FaaS) is capable of running and scaling the developer's code automatically, according to the throughput of streaming events. The major contribution of this serverless framework is effective and efficient autonomous resource scheduling for real-time streaming analytic, which enables the developers to build applications faster with autonomous resource scheduling. ARS(FaaS) framework is appropriate for real-time and stream analytic on event-driven data with spiky and variable compute requirements.展开更多
<div style="text-align:justify;"> <span style="font-family:Verdana;">Serverless Computing or Functions-as-a-Service (FaaS) is an execution model for cloud computing environments where t...<div style="text-align:justify;"> <span style="font-family:Verdana;">Serverless Computing or Functions-as-a-Service (FaaS) is an execution model for cloud computing environments where the cloud provider executes a piece of code (a function) by dynamically allocating resources. When a function has not been executed for a long time or is being executed for the first time, a new container has to be created, and the execution environment has to be initialized resulting in a cold start. Cold start can result in a higher latency. We propose a new computing and execution model for cloud environments called Result-as-a-Service (RaaS), which aims to reduce the computational cost and overhead while achieving high availability. In between successive calls to a function, a persistent function can help in successive calls by precomputing the functions for different possible arguments and then distributing the results when a matching function call is found.</span> </div>展开更多
Recently, a new type of Radio Frequency IDentification (RFID) system with mobile readers is introduced. In such a system, it is more desirable for mobile readers to identify tags without a back-end server, and thus ...Recently, a new type of Radio Frequency IDentification (RFID) system with mobile readers is introduced. In such a system, it is more desirable for mobile readers to identify tags without a back-end server, and thus it is frequently referred as a serverless mobile RFID system. In this paper, we formalize a serverless mobile RFID system model and propose a new encryption-based system that preserves the privacy of both tags and readers in the model. In addition, we define a new adversary model for the system model and show the security of the proposed system. Throughout comparisons between ours and the other alternatives, we show that our proposed system provides a stronger reader privacy and robustness against a reader forgery attack than the competitors.展开更多
Cloud computing enables performing computations and analysis tasks and sharing services in web-based computer centres instead of local desktop systems.One of the most used areas of cloud computing is geographic inform...Cloud computing enables performing computations and analysis tasks and sharing services in web-based computer centres instead of local desktop systems.One of the most used areas of cloud computing is geographic information systems(GIS)applications.Although Desktop GIS products are still used in the community frequently,Web GIS and Cloud GIS applications have drawn attention and have become more efficient for users.In this study,a serverless Cloud GIS framework is implemented for the land valuation platform.In order to store,analyse,and share geospatial data,the Aurora Serverless PostgreSQL database is created on Amazon Web Services(AWS).While adopting Aurora Serverless PostgreSQL as a database management system,a simple point in polygon analysis conducted to compare the performances with Amazon Relational Database Service(RDS)instance.Results showed that the serverless database responded to the query faster and scaled up during high workload to decrease latency.Hence,parcel vector data,which conveys ownership information and land values attributes,is shared directly from the PostGIS database as vector tiles.Besides S3 and AWS Lambda services are used for storing and disseminating raster-based land value map tiles.To visualize all shared data and maps through a web browser,open source web mapping library Mapbox GL JS is used.展开更多
Serverless computing has become increasingly popular recently due to its cost efficiency and flexibility.However,running serverless computing functions in the cloud can incur high end-to-end service latency and operat...Serverless computing has become increasingly popular recently due to its cost efficiency and flexibility.However,running serverless computing functions in the cloud can incur high end-to-end service latency and operational costs.Running them on edge servers may significantly reduce service latency but is limited by computing power and memory availability.Given the limitations of cloud and edge environments for performing serverless com-puting,this paper proposes a joint function warm-up and request routing scheme to perform serverless computing functions on edge and cloud collaboratively.The key idea of the new scheme is to maximize the hit ratio of server-less computing requests,thereby reducing the cold-start latency that dominates the overall serving latency.This scheme explicitly considers allocating server memory and operation budget for executing concurrent requests during the scheduling.The proposed scheme has been evaluated through extensive simulations.Its effectiveness has been proved by comparison with the upper-bound results.展开更多
基金supported by the Foundation for Innovative Research Groups of the National Natural Science Foundation of China under Grant No.61521003the National Natural Science Foundation of China under Grant No.62072467 and 62002383.
文摘Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are invoked by its driven events.Nonetheless,security threats in serverless computing such as vulnerability-based security threats have become the pain point hindering its wide adoption.The ideas in proactive defense such as redundancy,diversity and dynamic provide promising approaches to protect against cyberattacks.However,these security technologies are mostly applied to serverless platform based on“stacked”mode,as they are designed independent with serverless computing.The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost.In this paper,we present ATSSC,a proactive defense enabled attack tolerant serverless platform.ATSSC integrates the characteristic of redundancy,diversity and dynamic into serverless seamless to achieve high-level security and efficiency.Specifically,ATSSC constructs multiple diverse function replicas to process the driven events and performs cross-validation to verify the results.In order to create diverse function replicas,both software diversity and environment diversity are adopted.Furthermore,a dynamic function refresh strategy is proposed to keep the clean state of serverless functions.We implement ATSSC based on Kubernetes and Knative.Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs.
文摘The data analysis of blasting sites has always been the research goal of relevant researchers.The rise of mobile blasting robots has aroused many researchers’interest in machine learning methods for target detection in the field of blasting.Serverless Computing can provide a variety of computing services for people without hardware foundations and rich software development experience,which has aroused people’s interest in how to use it in the field ofmachine learning.In this paper,we design a distributedmachine learning training application based on the AWS Lambda platform.Based on data parallelism,the data aggregation and training synchronization in Function as a Service(FaaS)are effectively realized.It also encrypts the data set,effectively reducing the risk of data leakage.We rent a cloud server and a Lambda,and then we conduct experiments to evaluate our applications.Our results indicate the effectiveness,rapidity,and economy of distributed training on FaaS.
基金supported by the National Key Research&Development Program(No.2016YFB1000104).
文摘Cloud computing has been exploited in managing large-scale IoT systems.IoT cloud servers usually handle a large number of requests from various IoT devices.Due to the fluctuant and heavy workload,the servers require the cloud to provide high scalability,stable performance,low price and necessary functionalities.However,traditional clouds usually offer computing service with the abstraction of virtual machine(VM),which can hardly meet these requirements.Meanwhile,different cloud vendors provide different performance stabilities and price models,which fluctuate according to the dynamic workload.A single cloud cannot satisfy all the requirements of the IoT scenario well.The JointCloud computing model empowers the cooperation among multiple public clouds.However,it is still difficult to dynamically schedule the workload on different clouds based on the VM abstraction.This paper introduces HCloud,a trusted JointCloud platform for IoT systems using serverless computing model.HCloud allows an IoT server to be implemented with multiple serverless functions and schedules these functions on different clouds based on a schedule policy.The policy is specified by the client and includes the required functionalities,execution resources,latency,price and so on.HCloud collects the status of each cloud and dispatches serverless functions to the most suitable cloud based on the schedule policy.By leveraging the blockchain technology,we further enforce that our system can neither fake the cloud status nor wrongly dispatch the target functions.We have implemented a prototype of HCloud and evaluated it by simulating multiple cloud providers.The evaluation results show that HCloud can greatly improve the performance of serverless workloads with negligible costs.
文摘FaaS(Function as a Service)允许开发者在不管理服务器的情况下在云端上传和执行代码。为解决使用FaaS过程中出现的性能和扩展问题,提出并证明了一种轻量级高性能Serverless设计,该设计提供优于现有解决方案的性能和扩展优势,并且可以实现细粒度的即用即付模型。比较了相同算法下的Docker和WebAssembly实现之间使用的性能基准。还讨论了在Serverless计算中采用WebAssembly的存在问题。
基金Suported by the National Natural Science Foundation of China(No.61472089,61572143)NSFC-Guangdong Joint Found(No.U1501254)China Scholarship Council(No.201608440336)。
文摘This work proposes ARS(FaaS) serverless framework scheduling and provisioning resources for streaming applications autonomously, which ensures real-time response on unpredictable and fluctuating streaming data. A HPC cloud platform is used as a de facto platform, on which serverless computing for stream analytic is explored. This work enables application developers to build and run steaming applications without worrying about servers, which means that the developers are able to focus on application features instead of scheduling and provisioning resources of the infrastructure. The serverless computing framework, ARS(FaaS), provides function-as-a-service to make the developers write code in discrete event-driven functions. ARS(FaaS) is capable of running and scaling the developer's code automatically, according to the throughput of streaming events. The major contribution of this serverless framework is effective and efficient autonomous resource scheduling for real-time streaming analytic, which enables the developers to build applications faster with autonomous resource scheduling. ARS(FaaS) framework is appropriate for real-time and stream analytic on event-driven data with spiky and variable compute requirements.
文摘<div style="text-align:justify;"> <span style="font-family:Verdana;">Serverless Computing or Functions-as-a-Service (FaaS) is an execution model for cloud computing environments where the cloud provider executes a piece of code (a function) by dynamically allocating resources. When a function has not been executed for a long time or is being executed for the first time, a new container has to be created, and the execution environment has to be initialized resulting in a cold start. Cold start can result in a higher latency. We propose a new computing and execution model for cloud environments called Result-as-a-Service (RaaS), which aims to reduce the computational cost and overhead while achieving high availability. In between successive calls to a function, a persistent function can help in successive calls by precomputing the functions for different possible arguments and then distributing the results when a matching function call is found.</span> </div>
基金Supported in part by the MKE (The Ministry of Knowledge Economy), Korea, under the ITRC (Information Technology Research Center) support program (No. NIPA-2012-H0301-12-4004)supervised by the NIPA (National IT Industry Promotion Agency)+1 种基金supported in part by US National Science Foundation (NSF) CREST (No. HRD-0833184)US Army Research Office (ARO) (No.W911NF-0810510)
文摘Recently, a new type of Radio Frequency IDentification (RFID) system with mobile readers is introduced. In such a system, it is more desirable for mobile readers to identify tags without a back-end server, and thus it is frequently referred as a serverless mobile RFID system. In this paper, we formalize a serverless mobile RFID system model and propose a new encryption-based system that preserves the privacy of both tags and readers in the model. In addition, we define a new adversary model for the system model and show the security of the proposed system. Throughout comparisons between ours and the other alternatives, we show that our proposed system provides a stronger reader privacy and robustness against a reader forgery attack than the competitors.
基金supported by Scientific Research Projects Coordination Unit of Istanbul TeknikÜniversitesi[Grant No.MYL-2018-41706].
文摘Cloud computing enables performing computations and analysis tasks and sharing services in web-based computer centres instead of local desktop systems.One of the most used areas of cloud computing is geographic information systems(GIS)applications.Although Desktop GIS products are still used in the community frequently,Web GIS and Cloud GIS applications have drawn attention and have become more efficient for users.In this study,a serverless Cloud GIS framework is implemented for the land valuation platform.In order to store,analyse,and share geospatial data,the Aurora Serverless PostgreSQL database is created on Amazon Web Services(AWS).While adopting Aurora Serverless PostgreSQL as a database management system,a simple point in polygon analysis conducted to compare the performances with Amazon Relational Database Service(RDS)instance.Results showed that the serverless database responded to the query faster and scaled up during high workload to decrease latency.Hence,parcel vector data,which conveys ownership information and land values attributes,is shared directly from the PostGIS database as vector tiles.Besides S3 and AWS Lambda services are used for storing and disseminating raster-based land value map tiles.To visualize all shared data and maps through a web browser,open source web mapping library Mapbox GL JS is used.
文摘Serverless computing has become increasingly popular recently due to its cost efficiency and flexibility.However,running serverless computing functions in the cloud can incur high end-to-end service latency and operational costs.Running them on edge servers may significantly reduce service latency but is limited by computing power and memory availability.Given the limitations of cloud and edge environments for performing serverless com-puting,this paper proposes a joint function warm-up and request routing scheme to perform serverless computing functions on edge and cloud collaboratively.The key idea of the new scheme is to maximize the hit ratio of server-less computing requests,thereby reducing the cold-start latency that dominates the overall serving latency.This scheme explicitly considers allocating server memory and operation budget for executing concurrent requests during the scheduling.The proposed scheme has been evaluated through extensive simulations.Its effectiveness has been proved by comparison with the upper-bound results.
