Tuesday, January 12, 2016

We continue discussing the paper "Shielding applications from an untrusted cloud with Haven,” written by Andrew Baumann, Marcus Peinado, and Galen Hunt. Haven is the first system to achieve shielded execution of unmodified legacy application on commodity hardware. It leverages the hardware protection of Intel SGX (software guard extensions). It defends applications from an untrusted host while not requiring changes to the application. It defends against privileged code such as hypervisor and physical attacks. A cloud user trusts 1) the providers software and hardware, 2) the provider's staff, including system administrators and 3) law enforcement bodies. This is a large and inscrutable trusted computing base.
SGX allows a process to instantiate  a secure region of address space known as an enclave. It then protects the execution of the code even from the host. Haven uses an in-enclave library OS (LibOS) that is derived from Drawbridge. It implements the Windows 8 API using a small set of primitives such as threads, virtual memory and file I/O. Haven implements these primitives using a mutually-distrusting interface with the host OS. This ensures shielded execution of unmodified applications. By pushing against the limits of SGX using unmodified applications, Haven exposed fundamental limitations in SGX which were revised in SGX v2.
#codingexercise
Given a set of M unix paths that already exist and N paths that need to be created, find out the paths that must be given with the default usage of mkdir commands for those that need to be created.
        static void PrintMkdirs(SortedList<string, int> created, SortedList<string, int> todo)
        {
            foreach (var item in todo)
            {
                var parts = item.Key.Split('/');
                string sep = "/";

                for (int i = parts.Length; i > 0; i--)
                {
                    var result = String.Join(sep, parts, 0, i);
                    if (String.IsNullOrWhiteSpace(result) == false)
                    {
                        if (created.ContainsKey(result))
                        {
                            break;
                        }
                        created.Add(result, 0);
                        Console.WriteLine(result);
                    }
                }
            }
        }
#puzzlemaking
In the puzzle category of layering as discussed here and here, we used a vertical collection of puzzle to take a new dimension. Today we discuss tiling. Tiling is also another dimension similar to layering in that it also involves ordering but instead of vertical ordering, here we do ordering on a horizontal plane. To give an instance, consider a picture that is cut up into small squares. This is much like an anagram. Similarly each tile represents a puzzle by itself and when solved, its results can be aggregated and ordered to form a final result. Tiling need not always involve ordering but the position of the tiles helps with solving the puzzle because it's another dimension that throws more light on the current problem. Take for instance Sudoku, it is also composed of tiles where the solution of each subgrid also aids solving the whole grid and vice versa. Most crossword anagrams can also be considered tiles.
The examples I brought up earlier were those involving say coloring where each layer reveals a picture while their collection reveals an overlay that is a bigger or more detailed picture. Its straightforward to do the same with tiles as described earlier.
At the same time tiles come with a property that layering doesn't. As long as tiles fall in place uniquely to represent the final picture, they can take arbitrary shape - be it geometrical like a honeycomb or more cut as jigsaw puzzles. This gives more variation and appeal to how puzzles are laid out. Have you seen a coloring grid where each tile can be colored as per the clues given and then the tiles rearranged to form a whole? The same goes for color-your-own jig-saw puzzles.

No comments:

Post a Comment