END-TO-END BIG DATA PROCESSING PROTECTION IN CLOUD ENVIRONMENT USING BLACK BOXES - AN FPGA APPROACH

Privacy is one of the critical concerns that hinders the adoption of public cloud. For simple application, like storage, encryption can be used to protect user's data. But for outsourced data processing, i.e., big data processing with MapReduce framework, there is no satisfying solution. Users have to trust the cloud service providers that they will not leak users' data. We propose adding black boxes to the public cloud for critical computation, which are tamper resistant to most adversaries. Specifically, FPGAs are deployed in the public cloud environment as black boxes for privacy preserving computation, and proxy re-encryption is used to support dynamic job scheduling on different FPGAs. In FPGA cloud, cloud is not necessarily fully trusted, and during outsourced computation, user's data is protected by a data encryption key only accessible by trusted FPGA devices. As an important application of cloud computing, we apply FPGA cloud to the popular MapReduce programming model and extend the FPGA based MapReduce pipeline with privacy protection capabilities. Finally, we conduct experiments and evaluation for k-NN with FPGA cloud, which is an important MapReduce application. The experimental results show the practicality of FPGA cloud.