Deepak Sirone Jegan (University of Wisconsin-Madison), Michael Swift (University of Wisconsin-Madison), Earlence Fernandes (University of California San Diego)

A Trigger-action platform (TAP) is a type of distributed system that allows end-users to create programs that stitch their web-based services together to achieve useful automation. For example, a program can be triggered when a new spreadsheet row is added, it can compute on that data and invoke an action, such as sending a message on Slack. Current TAP architectures require users to place complete trust in their secure operation. Experience has shown that unconditional trust in cloud services is unwarranted --- an attacker who compromises the TAP cloud service will gain access to sensitive data and devices for millions of users. In this work, we re-architect TAPs so that users have to place minimal trust in the cloud. Specifically, we design and implement TAPDance, a TAP that guarantees confidentiality and integrity of program execution in the presence of an untrustworthy TAP service. We utilize RISC-V Keystone enclaves to enable these security guarantees while minimizing the trusted software and hardware base. Performance results indicate that TAPDance outperforms a baseline TAP implementation using Node.js with 32% lower latency and 33% higher throughput on average.

View More Papers

Space-Domain AI Applications need Rigorous Security Risk Analysis

Alexandra Weber (Telespazio Germany GmbH), Peter Franke (Telespazio Germany GmbH)

Read More

Unus pro omnibus: Multi-Client Searchable Encryption via Access Control

Jiafan Wang (Data61, CSIRO), Sherman S. M. Chow (The Chinese University of Hong Kong)

Read More

Resilient Routing for Low Earth Orbit Mega-Constellation Networks

Alexander Kedrowitsch (Virginia Tech), Jonathan Black (Virginia Tech) Daphne Yao (Virginia Tech)

Read More

Threats Against Satellite Ground Infrastructure: A retrospective analysis of...

Jessie Hamill-Stewart (University of Bristol and University of Bath), Awais Rashid (University of Bristol)

Read More