Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are ...Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are invoked by its driven events.Nonetheless,security threats in serverless computing such as vulnerability-based security threats have become the pain point hindering its wide adoption.The ideas in proactive defense such as redundancy,diversity and dynamic provide promising approaches to protect against cyberattacks.However,these security technologies are mostly applied to serverless platform based on“stacked”mode,as they are designed independent with serverless computing.The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost.In this paper,we present ATSSC,a proactive defense enabled attack tolerant serverless platform.ATSSC integrates the characteristic of redundancy,diversity and dynamic into serverless seamless to achieve high-level security and efficiency.Specifically,ATSSC constructs multiple diverse function replicas to process the driven events and performs cross-validation to verify the results.In order to create diverse function replicas,both software diversity and environment diversity are adopted.Furthermore,a dynamic function refresh strategy is proposed to keep the clean state of serverless functions.We implement ATSSC based on Kubernetes and Knative.Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs.展开更多
The data analysis of blasting sites has always been the research goal of relevant researchers.The rise of mobile blasting robots has aroused many researchers’interest in machine learning methods for target detection ...The data analysis of blasting sites has always been the research goal of relevant researchers.The rise of mobile blasting robots has aroused many researchers’interest in machine learning methods for target detection in the field of blasting.Serverless Computing can provide a variety of computing services for people without hardware foundations and rich software development experience,which has aroused people’s interest in how to use it in the field ofmachine learning.In this paper,we design a distributedmachine learning training application based on the AWS Lambda platform.Based on data parallelism,the data aggregation and training synchronization in Function as a Service(FaaS)are effectively realized.It also encrypts the data set,effectively reducing the risk of data leakage.We rent a cloud server and a Lambda,and then we conduct experiments to evaluate our applications.Our results indicate the effectiveness,rapidity,and economy of distributed training on FaaS.展开更多
Cloud computing has been exploited in managing large-scale IoT systems.IoT cloud servers usually handle a large number of requests from various IoT devices.Due to the fluctuant and heavy workload,the servers require t...Cloud computing has been exploited in managing large-scale IoT systems.IoT cloud servers usually handle a large number of requests from various IoT devices.Due to the fluctuant and heavy workload,the servers require the cloud to provide high scalability,stable performance,low price and necessary functionalities.However,traditional clouds usually offer computing service with the abstraction of virtual machine(VM),which can hardly meet these requirements.Meanwhile,different cloud vendors provide different performance stabilities and price models,which fluctuate according to the dynamic workload.A single cloud cannot satisfy all the requirements of the IoT scenario well.The JointCloud computing model empowers the cooperation among multiple public clouds.However,it is still difficult to dynamically schedule the workload on different clouds based on the VM abstraction.This paper introduces HCloud,a trusted JointCloud platform for IoT systems using serverless computing model.HCloud allows an IoT server to be implemented with multiple serverless functions and schedules these functions on different clouds based on a schedule policy.The policy is specified by the client and includes the required functionalities,execution resources,latency,price and so on.HCloud collects the status of each cloud and dispatches serverless functions to the most suitable cloud based on the schedule policy.By leveraging the blockchain technology,we further enforce that our system can neither fake the cloud status nor wrongly dispatch the target functions.We have implemented a prototype of HCloud and evaluated it by simulating multiple cloud providers.The evaluation results show that HCloud can greatly improve the performance of serverless workloads with negligible costs.展开更多
FaaS(Function as a Service)允许开发者在不管理服务器的情况下在云端上传和执行代码。为解决使用FaaS过程中出现的性能和扩展问题,提出并证明了一种轻量级高性能Serverless设计,该设计提供优于现有解决方案的性能和扩展优势,并且可以...FaaS(Function as a Service)允许开发者在不管理服务器的情况下在云端上传和执行代码。为解决使用FaaS过程中出现的性能和扩展问题,提出并证明了一种轻量级高性能Serverless设计,该设计提供优于现有解决方案的性能和扩展优势,并且可以实现细粒度的即用即付模型。比较了相同算法下的Docker和WebAssembly实现之间使用的性能基准。还讨论了在Serverless计算中采用WebAssembly的存在问题。展开更多
This work proposes ARS(FaaS) serverless framework scheduling and provisioning resources for streaming applications autonomously, which ensures real-time response on unpredictable and fluctuating streaming data. A HPC ...This work proposes ARS(FaaS) serverless framework scheduling and provisioning resources for streaming applications autonomously, which ensures real-time response on unpredictable and fluctuating streaming data. A HPC cloud platform is used as a de facto platform, on which serverless computing for stream analytic is explored. This work enables application developers to build and run steaming applications without worrying about servers, which means that the developers are able to focus on application features instead of scheduling and provisioning resources of the infrastructure. The serverless computing framework, ARS(FaaS), provides function-as-a-service to make the developers write code in discrete event-driven functions. ARS(FaaS) is capable of running and scaling the developer's code automatically, according to the throughput of streaming events. The major contribution of this serverless framework is effective and efficient autonomous resource scheduling for real-time streaming analytic, which enables the developers to build applications faster with autonomous resource scheduling. ARS(FaaS) framework is appropriate for real-time and stream analytic on event-driven data with spiky and variable compute requirements.展开更多
<div style="text-align:justify;"> <span style="font-family:Verdana;">Serverless Computing or Functions-as-a-Service (FaaS) is an execution model for cloud computing environments where t...<div style="text-align:justify;"> <span style="font-family:Verdana;">Serverless Computing or Functions-as-a-Service (FaaS) is an execution model for cloud computing environments where the cloud provider executes a piece of code (a function) by dynamically allocating resources. When a function has not been executed for a long time or is being executed for the first time, a new container has to be created, and the execution environment has to be initialized resulting in a cold start. Cold start can result in a higher latency. We propose a new computing and execution model for cloud environments called Result-as-a-Service (RaaS), which aims to reduce the computational cost and overhead while achieving high availability. In between successive calls to a function, a persistent function can help in successive calls by precomputing the functions for different possible arguments and then distributing the results when a matching function call is found.</span> </div>展开更多
基金supported by the Foundation for Innovative Research Groups of the National Natural Science Foundation of China under Grant No.61521003the National Natural Science Foundation of China under Grant No.62072467 and 62002383.
文摘Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are invoked by its driven events.Nonetheless,security threats in serverless computing such as vulnerability-based security threats have become the pain point hindering its wide adoption.The ideas in proactive defense such as redundancy,diversity and dynamic provide promising approaches to protect against cyberattacks.However,these security technologies are mostly applied to serverless platform based on“stacked”mode,as they are designed independent with serverless computing.The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost.In this paper,we present ATSSC,a proactive defense enabled attack tolerant serverless platform.ATSSC integrates the characteristic of redundancy,diversity and dynamic into serverless seamless to achieve high-level security and efficiency.Specifically,ATSSC constructs multiple diverse function replicas to process the driven events and performs cross-validation to verify the results.In order to create diverse function replicas,both software diversity and environment diversity are adopted.Furthermore,a dynamic function refresh strategy is proposed to keep the clean state of serverless functions.We implement ATSSC based on Kubernetes and Knative.Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs.
文摘The data analysis of blasting sites has always been the research goal of relevant researchers.The rise of mobile blasting robots has aroused many researchers’interest in machine learning methods for target detection in the field of blasting.Serverless Computing can provide a variety of computing services for people without hardware foundations and rich software development experience,which has aroused people’s interest in how to use it in the field ofmachine learning.In this paper,we design a distributedmachine learning training application based on the AWS Lambda platform.Based on data parallelism,the data aggregation and training synchronization in Function as a Service(FaaS)are effectively realized.It also encrypts the data set,effectively reducing the risk of data leakage.We rent a cloud server and a Lambda,and then we conduct experiments to evaluate our applications.Our results indicate the effectiveness,rapidity,and economy of distributed training on FaaS.
基金supported by the National Key Research&Development Program(No.2016YFB1000104).
文摘Cloud computing has been exploited in managing large-scale IoT systems.IoT cloud servers usually handle a large number of requests from various IoT devices.Due to the fluctuant and heavy workload,the servers require the cloud to provide high scalability,stable performance,low price and necessary functionalities.However,traditional clouds usually offer computing service with the abstraction of virtual machine(VM),which can hardly meet these requirements.Meanwhile,different cloud vendors provide different performance stabilities and price models,which fluctuate according to the dynamic workload.A single cloud cannot satisfy all the requirements of the IoT scenario well.The JointCloud computing model empowers the cooperation among multiple public clouds.However,it is still difficult to dynamically schedule the workload on different clouds based on the VM abstraction.This paper introduces HCloud,a trusted JointCloud platform for IoT systems using serverless computing model.HCloud allows an IoT server to be implemented with multiple serverless functions and schedules these functions on different clouds based on a schedule policy.The policy is specified by the client and includes the required functionalities,execution resources,latency,price and so on.HCloud collects the status of each cloud and dispatches serverless functions to the most suitable cloud based on the schedule policy.By leveraging the blockchain technology,we further enforce that our system can neither fake the cloud status nor wrongly dispatch the target functions.We have implemented a prototype of HCloud and evaluated it by simulating multiple cloud providers.The evaluation results show that HCloud can greatly improve the performance of serverless workloads with negligible costs.
文摘FaaS(Function as a Service)允许开发者在不管理服务器的情况下在云端上传和执行代码。为解决使用FaaS过程中出现的性能和扩展问题,提出并证明了一种轻量级高性能Serverless设计,该设计提供优于现有解决方案的性能和扩展优势,并且可以实现细粒度的即用即付模型。比较了相同算法下的Docker和WebAssembly实现之间使用的性能基准。还讨论了在Serverless计算中采用WebAssembly的存在问题。
基金Suported by the National Natural Science Foundation of China(No.61472089,61572143)NSFC-Guangdong Joint Found(No.U1501254)China Scholarship Council(No.201608440336)。
文摘This work proposes ARS(FaaS) serverless framework scheduling and provisioning resources for streaming applications autonomously, which ensures real-time response on unpredictable and fluctuating streaming data. A HPC cloud platform is used as a de facto platform, on which serverless computing for stream analytic is explored. This work enables application developers to build and run steaming applications without worrying about servers, which means that the developers are able to focus on application features instead of scheduling and provisioning resources of the infrastructure. The serverless computing framework, ARS(FaaS), provides function-as-a-service to make the developers write code in discrete event-driven functions. ARS(FaaS) is capable of running and scaling the developer's code automatically, according to the throughput of streaming events. The major contribution of this serverless framework is effective and efficient autonomous resource scheduling for real-time streaming analytic, which enables the developers to build applications faster with autonomous resource scheduling. ARS(FaaS) framework is appropriate for real-time and stream analytic on event-driven data with spiky and variable compute requirements.
文摘<div style="text-align:justify;"> <span style="font-family:Verdana;">Serverless Computing or Functions-as-a-Service (FaaS) is an execution model for cloud computing environments where the cloud provider executes a piece of code (a function) by dynamically allocating resources. When a function has not been executed for a long time or is being executed for the first time, a new container has to be created, and the execution environment has to be initialized resulting in a cold start. Cold start can result in a higher latency. We propose a new computing and execution model for cloud environments called Result-as-a-Service (RaaS), which aims to reduce the computational cost and overhead while achieving high availability. In between successive calls to a function, a persistent function can help in successive calls by precomputing the functions for different possible arguments and then distributing the results when a matching function call is found.</span> </div>