Friday, February 5, 2016

We continue discussing the paper "Shielding applications from an untrusted cloud with Haven,” written by Andrew Baumann, Marcus Peinado, and Galen Hunt. We were reviewing Hardware security modules (HSM) that isolate applications from an untrusted OS. Another thing that serves this purpose is Trusted Hardware  or Trusted Platform Modules(TPM). TPMs are hardware devices that support a simple attestation mechanism just like in SGX. In more recent versions, it also supports late launch and dynamic attestation of an isolated secure kernel. However there is no support for multiplexing distinct late launch environments. Therefore, TPM systems are multiplexed and this is done with two approaches. The first is to time multiplex the entire PC between security kernels and an untrusted host OS. This approach is slow because it uses a separate chip. The  second approach is to attest a trusted hypervisor or OS, which implements isolated execution in software. However the hypervisor remains under the cloud provider's control regardless of its size. A cloud user may compare a TPM attestation to a known hash of the hypervisor binary, but the provider must be able to update the hypervisor and the user must ultimately trust them. However the attestation that the user receives must be meaningfully connected to a proof of the isolation mechanism.
# codejam codingexercise
Consider a person eating mushrooms from a plate and a cook serving mushrooms on the plate. We can only see the plate every ten seconds and note down the number of mushrooms.  This gives us a sequence of numbers for the mushrooms seen on the plate.
The eater could have eaten in one of two ways:
1) any number of pieces eaten and any number of pieces fed
2) eater eats at a constant rate of some number of mushrooms per second.
If we have a sequence 10 5 15 5, then by the first approach, we have the eater eating 5 then there are 10 more put on plate.then she eats another 10 and there's no way she could have eaten fewer pieces.
And by the second approach eater eats ten pieces in the first ten seconds, 5 more are put on her plate, then she eats for 5 seconds and waits 5 seconds while the plate is empty and then fifteen is put on her plate. She eats ten in the last ten seconds.
Given this sequence, find the number eaten by both approaches.
Tuple<int, int> GetEaten(List<int> numbers)
{
int diff = 0;
var sum = new Tuple<int,int>();
int rate = 0;
for (int i = 1; i < numbers.Count; i++)
{
   diff = max ( numbers[i-1]-numbers[i], 0);
   sum.Item1 += diff;
   rate = max(diff, rate);
}
for (int i = 0; i < numbers.Count; i++)
{
  sum.Item2 += min(numbers[i], rate);
}
return sum;
}

No comments:

Post a Comment