Efficient migration of high-performance computing science and engineering applications to the cloud

Abstract

In the cloud computing scenario, the user may choose among several different hardware configurations and prices to configure its high performing cluster of computers. This opens the opportunity for several optimizations, such as avoiding long waits on job queues and creating specialized clusters for each application. However, migrating the code to the cloud, selecting the most cost-effective set of resources for each application and dealing with performance fluctuations on virtual network infrastructures are still challenges that must be addressed. Some applications also have non-functional requirements that are not easily fulfilled in the cloud. A major example is the processing of sensitive information. The cloud is a shared environment managed by a third party. Even if the cloud provider might be considered trustable, there are many factors that can compromise the security and privacy of the information. In a shared environment, vulnerabilities in the underlying infrastructure can be exploited by malicious guests to attack other guests. Moreover, it is hard to assure that the provider follows the necessary security protocols, concerning both technicalities and staff conduct. It is reasonably easy to achieve protection for data at rest, with most cloud providers offering out-of-the-box solutions for disk encryption. During processing, however, data are equally vulnerable, whereas techniques that enable efficient confidentiality-preserving computation are still in an early stage of development. Performance-wise, the most promising alternatives currently seem to be hardware-based trusted execution environments, such as Intel SGX and ARM TrustZone. They enforce honest behavior through software attestation and offer confidentiality through hardware isolation. Their disadvantages are the reliance on tamper-proof hardware, the necessity of trusting the hardware manufacturer and the absence of provable notions of security. On the other hand, cryptographic primitives, such as fully and partially homomorphic cryptography, can be used to achieve formal guarantees of security, but they lack practical performance levels for many applications. In this project, we are particularly interested in deep learnings applications, which are often employed over databases containing sensitive information, as in the processing of seismic data, which is usually attached to a high monetary value in the context of hydrocarbon exploration. These applications require high computational power and many different resources from the cloud. The main goal here is to investigate techniques and methods to enable an efficient migration of such applications considering their requirement for preserving the data confidentiality. The study approaches the problem from an HPC perspective, aiming at optimizing the use and cost of cloud resources. (AU)